Recently, a barrage of external threats aimed at exploiting vulnerabilities and causing havoc has become commonplace in the wider digital landscape. These threats stem from the malicious actions of individuals and automated bots seeking to wreak havoc. They are not related to errors in code or system.
Here’s what we know
Our team of developers has monitoring software that tells us when it looks like a problem may be happening, before sites are affected, and has automated and manual security measures that stop many threats every day. As it stands, none of the attacks have resulted in any kind of data breach or caused damage.
We believe the target of the attacks are random and not aimed specifically at a certain domain or organization. Our clients typically take donations online, and historically non-profit organizations globally are associated with low website security, thus making them an easier target. While rare, some of our clients may be targeted due to political/cultural angst toward them (as mentioned we’ve seen this in the past).
We believe the nature of these attacks are:
- People/bots looking for weaknesses to exploit so they can plant malicious code on a site (typically what "hacked" means) to use for their nefarious purposes.
- People/bots looking for databases with inadequate security so they can steal the data to use/sell.
In both instances, our security measures have prevented a breach, and downtime has been minimal. In fact, Sitewrench has had 99.169% uptime in the last 30 days.
What can you do to protect your website?
The world of online security has rapidly changed… but what does that mean?
At the heart of our response lies a fundamental truth: the world has changed. The accessibility and affordability of cloud infrastructure, exemplified by services like AWS, have increased the ability to launch sophisticated cyber attacks with minimal investment. This shift has empowered nefarious actors to target websites indiscriminately, attempting to exploit vulnerabilities for various malicious purposes.
One of the key benefits of SiteWrench is having developers on staff to handle these attacks in real time. Internally, we are steadfast in our pursuit of infrastructure enhancements aimed at bolstering our resilience against cyber threats. By continually investing in our infrastructure and refining our service offerings, we fortify our ability to weather storms while providing clients with unparalleled support and security.
Additionally, we urge our clients to play an active role in safeguarding their websites. Central to this effort is the implementation of DNS-level security measures, which serve as a vital line of defense against a myriad of threats. Providers like Cloudflare offer robust solutions tailored to protect your website from online threat. Our team believes it is imperative to implement a system like Cloudflare, which has a single monthly service fee, and are happy to assist with implementation at no cost.
As always, SiteWrench’s current status is available at status.sitewrench.com. Our new upgraded messaging system allows us to post real time updates and we are committed to making sure this is updated and reliable.
For more information, or to discuss implementation of a DNS-level security measure, please contact our team through a support ticket.