Domain Security: How to Protect Against Name Hijackers

Domain security is not just a check mark on your wish list; it’s a must-have for any website owner.

It’s easy to get immersed in the details of building your brand. Launching your website and managing your fledgling business is way more fun than worrying about security.

While all of that is fun, the importance of domain security can’t be stressed enough.

Hacking incidents had a slight decline in the last decade but have come roaring back as hackers get more and more sophisticated in their methods.

Believe it or not, hacked domains account for .8 of the world’s GDP – a staggering average of $400 billion in revenue loss!

Don’t know what it is? Know what it is but think you’re safe enough?

Follow along while we break down the what, why, and how of locking down your site.

What Is Domain Security?

First, let’s analyze where you’re weakest. Hackers look for spots where you’re most vulnerable and move in for the kill.

You might be stunned by how easy it is to register a domain, but that’s the flaw.

If you’re just logging in with an email and a password (that you swear is secure), there’s the problem.

A true domain security protocol is one that gives you control over things like password strength, access, and total lockout.

So now you know what it is and why you need it, let’s go over how to lock it down and keep your domain safe.

Create A Strong Password

This is really domain security 101. If you think your beloved pet’s name with a few numbers thrown in is all it takes to keep the bad guys out, think again.

Go with a password generator for the strongest security. It might be a confusing jumble of letters and numbers, but that’s exactly what you want.

Be Smart About Managing Your Passwords

Now that you’ve got one strong password, make one for every single account you have.

That way even if one gets cracked, you’ll still have control of the others.

Make keeping track of your passwords easier on yourself by using a password manager.

Bonus tip: change your passwords every three months to really up your domain security.

Double Up

Make life difficult for hackers by adding a bonus level of security: turn on two-factor authentication.

That means that even with a password, a special code is sent to your phone. Hackers would need access to both to break in.

Tons of services have this capability because they realize how crucial it is to keep your site safe.

Register To Your Own Account

Use your own identity when registering your domain. That way you always retain control and your ID can be verified.

While it seems daunting, you don’t have to give up control of your main account.

There are ways to share access to the site without using your main login.

Lock Up Your Email

So you’ve turned on two-factor authentication on your website and registered everything in your own account.

It might seem like a water-tight plan but go the extra mile and make sure your email is protected, too.

If someone gets ahold of your email, they might be able to reset your password through there.

In addition to the previous steps, safeguarding your email is a big step towards domain security best practices.

Get A Good Anti-Virus

Believe it or not, you don’t have to shell out big bucks for an anti-virus that does the trick.

There are plenty out there that come directly from Microsoft or other reputable places that offer no to low-cost anti-viral programs.

To make sure it’s effective, always keep it up to date. Any time there’s an update, make sure to get it done immediately.

Try to run your anti-virus scan once a week at least.

Be Careful What You Click On

In the middle of the hustle and bustle of building your business from the ground up, you might just click any old thing that comes along.

Stop before you click.

Don’t go for any links or downloads that look tempting before running them through your antivirus software.

Check out the website a link is trying to redirect you to, and verify it’s safe to go.

And be especially wary of any site that asks you to register with an email and a password.

Bonus: stay safe while using public wifi. Hackers can use it to redirect sensitive information if you access it from a phone or tablet.

Phishing is No Fun

Heard of Phishing? Sounds like when you join the legendary 90s jam band on their cross-country tour but it’s nowhere near as cool.

Phishing is when hackers try to get you to let your guard down through malicious emails. Those hackers are getting sneakier by the day, too.

Here are some things to watch out for if you suspect you’re being phished:

  • Using a legitimate business’ name – but a fake website
  • Very personal emails with your name – but asking you to click on a link or download something. This type is common on social media.
  • Media access sites – but something’s off. Very commonly, phishing attacks will come from something you use to access your files, like a fake Dropbox account.

Be wary of what’s in your inbox to maintain domain security.

Make A Real Plan

If you’re part of a larger company, make domain security a part of your overall strategy.

Your domain is just as valuable an asset – and full of rich information that you don’t want getting into the wrong hands.

Make sure your company understands how crucial it is that your website’s integrity is never compromised. Work with them to put protocols in place in case something happens.

Get Real-Time Updates

While you can put all of these things into place, sometimes hackers still slip through.

Sleep easy by hiring a site monitoring service, like SiteUptime. If there’s a drop in activity or anything else suspicious, they’ll instantly alert you.

Plus, there are several tiers of plans, one of which is completely free.

Which tips have you tried? Which do you need to follow up on? Don’t compromise your website – take domain security seriously and don’t skip any steps.

7 Things to Know About FCC Internet Neutrality Rules

The internet has changed everything about our lives.

The ways we communicate, shop, and work have all been impacted by the internet. The web also makes a wealth of information readily accessible at your fingertips.

The internet has come to be regarded as a free and open public forum. Recently, internet users have worried that this freedom could be compromised by ending Net Neutrality.

Net Neutrality is an FCC internet policy that supports an open internet. But what is it exactly? Let’s take a closer look at seven things you should know.

A Brief History of FCC Internet Policy

The FCC first adopted Net Neutrality, or Open Internet rules, under the Obama administration in 2015.

The basic principle behind Net Neutrality is that all internet traffic should be treated equally. This means that internet service providers cannot provide faster speeds to websites or customers that pay more.

Net Neutrality Does not Give the Government Control of the Internet

There is concern over whether these rules would increase government oversight of the internet. Users were concerned that the policy could be a threat to their privacy and cybersecurity.

In short, Net Neutrality does not give the FCC, or any other government agency, control of the internet. The policy provides no additional authority to censor legal content on the internet.

In fact, Open Internet rules prevent internet service providers from blocking lawful content. This rule protects the internet from censorship.

So we’ve got an idea of what Net Neutrality does and doesn’t do. But what would the internet look like without Net Neutrality?

Sites Could Pay for Faster Speeds

One feature that Net Neutrality prohibits is charging certain websites for faster speeds. These so-called “fast lanes” could allow companies to pay for faster loading times.

Many internet users fear that changing Net Neutrality’s current policy could end online streaming as we know it.

Under existing rules, it costs the same amount to access a streaming site like Netflix as it does to access any other service. This is despite the fact that streaming online videos requires much more bandwidth.

Without these FCC internet rules, internet service providers could charge higher prices to access streaming services. This could make the cost prohibitive for most users.

Internet Service Providers Could Offer Preferential Treatment

Many internet service providers would have a direct incentive to charge more to access streaming sites.

Lately, many consumers have been turning to “cord-cutting” for their home entertainment needs. Because of the inexpensive costs of services like Hulu and Netflix, they’ve been ditching expensive cable plans. This trend has led to a cut in cable’s profits.

In many areas, cable television and internet service are sold by the same companies. For instance, Comcast, Verizon, Spectrum, and others all offer packages that bundle internet and cable service.

In short, internet service providers could charge users more to access Netflix. This could make a cable package look appealing.

Not only that, but some internet service providers actually own their own streaming services. For instance, AT&T owns DirecTV. Without Net Neutrality, AT&T could charge less for customers to access their own product.

These changes to current FCC internet rules could greatly limit consumer options.

Protecting Consumers

The rules of Net Neutrality are intended to protect internet users. The FCC internet policy insists that the internet is more like a public utility than a good that can be regulated by market forces.

For instance, Americans don’t buy their electricity or water from a private company. Instead, they purchase it from a government utility agency.

This centralized system ensures that prices are consistent for consumers. It always maximizes the access that consumers have to these essential services.

The creators of Net Neutrality suggest that the government should treat the internet in a similar way. Because internet use is so ubiquitous, many consider it a necessity, rather than a luxury.

These rules are intended to regulate the price and distribution of internet service so that more Americans can continue to access it.

Are the Burdens Too Heavy for Internet Service Providers?

Whenever a consumer protection is passed, there is bound to be pushback from for-profit companies. All consumer protections cut into company profits to some extent.

Internet service providers complain that FCC regulations hinder their ability to regulate traffic. In some ways, this is true.

Net Neutrality does not allow service providers to place regulations on sites because of the bandwidth they use. But providers are still able to block traffic from sources that pose security threats. They can also regulate traffic issues in times of high use and congestion.

Internet service providers also argue that Net Neutrality discourages investment in bandwidth. Remember, providers do not have the ability to charge more money for using more bandwidth. The companies argue that this makes the product’s value much less attractive to investors.

Since Net Neutrality has only been in place since 2015, the implications of this claim are still playing out.

Internet Rules are Changing

As we all know, the 2016 election brought a new administration to Washington DC. Ajit Pai, chairman of the FCC, has indicated interest in rolling back certain Net Neutrality regulations. It will be many months, if not longer, before we know the full effects of this move.

That said, Net Neutrality is not the only FCC internet rule that is changing. Earlier this year, Congress voted to overturn an FCC Broadband Privacy rule.

This rule required internet service providers to inform users that they were collecting data. It also required transparency about how the data would be used. Additionally, service providers had to take precautions to ensure consumer data was protected.

Again, these policy changes are extremely new. It will be a while before we can understand their full impact.

That said, these recent moves regarding FCC internet rules indicate that we might be entering a new age of internet policy.

Where do you fall on the Net Neutrality debate? Do you believe ending Net Neutrality would impact your business? Let us know in the comments!

Agile Security: 5 Best Practices for Scrum Teams

We live in a new world with new possibilities. Data that was once easy to keep under lock and key has now become more difficult to manage. This difficulty has made cybersecurity a major concern for most companies.

To combat threats, businesses are looking into new solutions, one of which happens to be agile security. Companies need to be able to respond to data breaches, and faster response times are just the thing they need.

Businesses will no doubt be hard-pressed to keep up with all of the twists and turns which accompany developing agile security systems. That said, we’re doing you a service by giving you five tips that will keep your scrum teams on their toes.

Automate Security Protocols

Automation is the way of the future regardless of whether or not we’re talking about cybersecurity or less consequential things such as social media posts. It just has too many great uses in the digital age we live in.

As it turns out, automation can do wonders for teams looking to tighten up their security.

Programmers and engineers are talented, but human error is always a possibility. Consequently, coders need to refocus their efforts and start finding ways to automate the tasks which can be botched as a result of a single mistake.

Automation also allows for what we like to think of as a more all-encompassing method of keeping systems secure. Automated tools can monitor everything all at once, unlike humans.

They’re also a more agile solution for businesses nowadays. When an issue arises, it takes longer than some of us would like for tech teams to start attacking the issue.

Automated tools and programs, however, are always on the scene. When something goes wrong, they’re the first responders by virtue of being present. They may not prevent disasters as effectively as human detectors can, but they let engineers know something is off before companies have catastrophes on their hands.

Rapid Response Teams

As great as automated security protocols are, there is no reason to think that they could ever replace talented programmers. Computer programs run on coded instructions whereas programmers run on all of that and more.

Having said as much, scrum teams should at least consider having a rapid response team on standby. Though this team probably wouldn’t beat the automated tools to the punch, it would certainly be neat to have one.

Having a whole team of qualified professionals is, after all, never a bad idea.

Just make sure that this team is a rapid response team in every sense of the phrase. The team should be on-call at all hours of the day if possible since things can go haywire at any moment.

And as an added bonus, rapid response teams have the potential to build customer value.

Cloud-Based Security

The cloud gets mixed reviews in some circles. Some believe that it isn’t secure while others are perfectly sure that it’s just as secure as other means of storage.

Regardless of what you think, though, it’s here to stay. As a result, we might as well make use of it in order to put some agile security protocols into place.

Cloud-based security, unlike traditional security, essentially lives in the cloud. It calls no hardware its home, which allows it to better protect portable data that travels from network to network.

This approach to security also has the potential to save companies money in the long run. Software which is stored on hardware expires when that hardware reaches the end of its life. Cloud-based software, on the other hand, is subject to no such expiration.

API-Driven Security

You’ve probably heard us mention API security at least once or twice around these parts. We don’t like to toot our own horns, but we’re right to be crazy about it.

API-driven security is a triple threat of sorts. First and foremost, it allows teams to make updates to preexisting systems and perform necessary integrations without upsetting entire systems. It makes updating systems quick and simple, and that’s the definition of agile security.

A second benefit of API-driven security is that it makes automation that much easier for companies, since the two play nicely together. If that wasn’t enough, the third benefit of this type of security is that it also plays well with the cloud. Mixing the two pretty much guarantees speed and ease for security teams.

DevSecOps

Many of you have probably heard of DevSecOps. If you haven’t, though, this is for you.

DevSecOps is admittedly more of a mindset than a practice, but it technically qualifies as both. It promotes the idea that security should be “added to all business processes.”

This approach might seem intense to some businesses, but you can’t deny that it embodies the idea of agile security. If all business processes incorporate elements of security, the likelihood of something going wrong decreases greatly.

Needless to say, however, the DevSecOps approach is easier said than done for some companies. It stresses the idea that “everyone is responsible for security,” but, realistically speaking, some people are better-equipped to handle security issues.

Still, adopting this model is a great idea. Big data is our future, and we need to prioritize its protection. We can only do so by giving our current methods and systems a complete overhaul.

Just remember that Rome wasn’t built in a day. Start small and then make larger changes.

Agile Security At Its Finest

Your scrum team is well on its way to developing a killer agile security system. In fact, we’re willing to bet that it will be so good that it will anticipate problems before they even become…problems.

In any case, make sure that you and your team stay safe this 2017. Hackers don’t ever take breaks, so you can’t afford to either. Your days must be spent thwarting one hacker after the next.

If you find that you need a little help along the way, just reach out to us. We want you to succeed, so we’ll always make ourselves available to you. You can count on that.

Data Leakage vs Data Loss: What’s the Difference?

Whether you are hosting a site for your blog content or responsible for maintaining multiple websites for clients, dealing with data leakage or data loss can be a hassle. It could also cost you a lot of time and money.

On top of that, you may be unable to recover your data.

One important fact to know about websites before building one is knowing that you could experience a data breach.

How will you detect the problem before it becomes widespread? How can you stop the loss of data from becoming widespread? What will be your course of action?

Before you can answer these questions you first need to know what data leakage and data loss mean.

Data Leakage vs. Data Loss

Data leakage, also known as information leakage, takes place when there is an unauthorized transmission of data from an organization. This data is then transmitted to someone outside of the company.

Data leakage is not always intentional. A data leak can begin when an employee takes a report home and accidentally leaves it on the train or bus. The leak occurs when someone comes along and takes the file.

An intentional leak is when data is purposely transmitted to someone outside the company who does not have a legal right to possess the information.

Leaks of information can be physical transfers or electronic transmittals. A leak can also be as simple as someone memorizing data and using it outside the scope of their authority.

Data Loss differs from data leakage.

So What Is Data Loss?

Simply put, data loss is any loss of data, whether intentional or accidental. If you no longer have access to your data, it has been lost.

Data loss can occur on any device that stores data. Almost half of all data loss occurs as the result of hardware failure.

These types of failures can be a result of memory loss, power outages and even Mother Nature. Failure to secure data on offsite servers can prove to be disastrous if there is a power outage, flooding, fire or other unforeseen disaster.

Other losses occur when data is purposely or accidentally deleted. There are also the pesky malware viruses and, worst of all, computer hackers.

Like with data leakage, losses also can occur with employees taking work home. In this case, data is lost when an employee loses control of a laptop and there is no backup version of the data it contained.

Is There a Way to Prevent Data Leakage or Loss?

There are no 100 percent fail-proof ways to prevent leakages or losses. Let’s face it, sometimes things are totally out of our control.

What you can do is implement measures to significantly reduce the opportunity for these mishaps to take place. Whether you are a one-man show or have employees you should have a plan of action.

The most important thing you can do to protect your data and keep a secure network is train your employees on how to protect your data.

Steps can be as simple as prohibiting employees from having beverages and food at their desks. You can also require employees to increase password strength and to lock or log out of their computers whenever they leave their desks.

Backing up data is a must and should be done nightly. As mentioned above, having a secure offsite server can go a long way in recovering lost or damaged data.

Do you have a secure website?

Just as visitors to your site want to know if it is secure, so do cyber thieves. The reasons may be different but the answer should always be yes.

If your web URL does not begin with https it is not secure. This is likened to leaving your key in the door. It is an invitation to allow your data to walk out the door.

If you are operating an unsecured website, you need to get an SSL certificate.

Other Security Measures That Can Limit Data Loss

Stay alert and always know what is taking place on your network. This will ensure that things stay safe and secure.

As a website owner, you should know what is going on at all times. If there is a security breach, you should know. Was there an outage, is the system running slow, have there been failed logins?

It may seem inconsequential and over-reaching, but it is better to be safe than sorry. Cyber-security is an important part of conducting a business online.

Your first line of defense to prevent data leakage and data loss is to secure your data at all times.

Don’t be an easy target. Require user authentication for everyone who has access to your website’s database. It’s a process that takes seconds, while trying to recover data can take days, months, or years, and the data may be lost forever.

Are You on the Cloud?

The cloud has changed how we store data in today’s world. It has also created a new window of opportunity for theft.

Having 24-hour access to your database is a great thing. It unhinges you from your office and gives employees more flexibility. It can also eliminate the need for costly office space.

With these pros, there are a few cons. Whenever and wherever thieves see an opening they will try to take advantage of it.

The same security measures you would take in your physical office, you should take in the cloud. Secure your data and cut off opportunities for data leakage and data loss.

How Can SiteUptime Help?

SiteUptime offers website monitoring and reporting services. We are here to help you implement the tools needed to ensure your website is safe and secure.

Data leakage and data loss can leave a stain on your business reputation. Don’t fall prey to thinking it will never happen to you.

Reach out to us today and set up a demo account to test our services. If you like the experience, we would love to be your security shield against cyber-mishaps, small and large.

13 Cybersecurity Terms Everyone Should Know

We know. It’s a scary world out there.

It seems like every step you take can be uncertain and so can every move you make on the internet.

Every day you hear about how important it is to protect your personal information from identity theft or your business’ sensitive information.

We’ve already told you about the 8 Essential Cybersecurity Tools Your Business Needs. But do you know exactly what your business is defending itself from?

It’s okay, we’ll get through this together!

Come along as we go through the 13 cyber security terms that everyone should know.

Black Hat Hackers

When you think of hacking, in the classic terms, you are probably thinking of black hat hackers.

Wiry-eyed tech pirates in dark rooms scrolling through information on their multiple computer screens, looking for ways to crack your security codes in order to hold your personal information hostage.

Hollywood has been churning out movies about them for years. Even by name!

These hackers are the easiest to put a face on since they are proactively looking for ways to break through your cybersecurity to cause serious damage.

White Hat Hackers

On the other side of the spectrum, there are White Hat Hackers.

Think of them as the white blood cells of cybersecurity. They hack into companies’ systems to find out if there are ways they could be vulnerable to a cyber attack.

The importance of these noble hackers has increased more and more as businesses try to protect their information.

And some of them are rewarded handsomely. As Kim Zetter reported in Wired, “white hats can earn good money—anywhere from $500 to more than $100,000—by selling information about a vulnerability to companies that have bug bounty programs.”

It takes a hacker to know one and knowing the difference between these cybersecurity terms will help you to hire the right one if you ever need someone on your side.

Authentication

Out of all of the cybersecurity terms, this one relates most directly to you.

This is the step your security system goes through to correctly identify that the person accessing your information is actually allowed to see it.

This process is normally done through you choosing your own specific password or even by thumbprint or retina scan.

Encryption

Encryption relates to the protection of anything that you send to someone.

Whether it’s a video you have taken, photos of your newborn or just a silly cat meme, your computer codes this information so the person you are sharing it with is the only person who can access it.

This is what hackers are trying to break into in order to find sensitive information such as bank account numbers or social security numbers.

This information is personal, and that’s why there has been a debate lately as to what constitutes being private on your computer.

Botnet

This cybersecurity term refers to a network of computers that have been loaded with malicious programs in order to work around the clock to try and crack security codes.

These “bots” are also referred to as “zombies” since, you know, they are lifeless things that are trying to break through your security (eat your brains).

Brute Force Attack

This attack refers to random attempts by either black hat hackers or botnets at guessing a business’s or an individual’s passwords.

Distributed Denial of Service (DDoS)

This type of cyber attack is the most common tactic that black hat hackers use to shut down a company’s web presence.

They incorporate multiple users and hosts to bombard a website with requests that freeze it and shut it down for a period of time.

These attacks have been happening on a large scale lately and have some of the world’s cybersecurity specialists worried.

Malware

Malware is “malicious software” that infects your computer or device in order to extract information and cripple its functions in order to hold you and your device ransom.

It can be installed on your device through bogus spam promotions found on the web or sent to you through email so be wary of anything that seems too good to be true or not legit!

Advanced Persistent Threat (APT)

Advanced Persistent Threats, or APTs, are attacks performed on a large scale usually by malware that has been installed in secret to topple a network or system over time.

These are possibly the scariest of all cyber attacks. As Forbes described them, “oftentimes, the hacking groups behind high-profile mega breaches are more organized, better funded, better staffed and more experienced than the security teams of their targets.”

Phishing

Phishing is when a hacker poses as a service provider and tries to get you to provide your username and password to your company’s login or to access your personal information.

Spoofing

We wish we could tell you that spoofing is as whimsical and funny as its normal definition. But alas, it is not.

Spoofing is when a hacker changes the IP address of an email to seem like it is coming from a different place than it actually is.

This is done in order to gain your trust so that you can offer up information you normally would not.

Man in the Middle Attack (MitM Attack)

A Man in the Middle Attack is usually performed when a hacker is able to get ahold of your information by breaking through your WiFi’s encryption and snagging your personal messages.

So make sure you change your password to something other than “abc123”.

Darknet

Darknet is the scary outer region of the internet where most of the illegal and evil things take place.

It’s an unpoliced section that is basically the internet’s black market for drugs, guns, and a resource for black hat hackers to find hacking software and leads from other hackers on sensitive information.

It’s a scary corner of the net and is crucial to understand when it comes to your cybersecurity.

There You Have It – the 13 Cybersecurity Terms That Everyone Should Know – Now You Will Never Feel Like You Are Out of the Loop Again!

By knowing the terminology and the tools to implement to secure your business, you will never have to worry about the threats lurking in the deep dark corners of the web.

If you have any questions regarding other cybersecurity terms you may come across, feel free to get in touch with us through our contact page and we will break it all down for you.

Stay safe out there!

Bad News from Google: The Number of Hacked Sites Increased in 2016

Cyber attacks on websites jumped 32 percent in 2016 compared to 2015 according to Google’s latest website security report.

But the bad news gets worse.

Google predicts the growth in the number of hacked sites is going to become a trend. Their experts are willing to bet that percentage will grow every year.

Why?

Hackers spend their time aggressively searching for every possible vulnerability in a site. As websites are updated, hackers step up their own game.

They’re effectively playing a long game of cat and mouse with your business.

So in light of this news and in case you haven’t read up on hacking and internet threats in a while, here’s a quick primer to help you understand Google’s report:

The Most Common Hacks

“Hacking” is a general term so over-used it is effectively meaningless.

In this case, a hack is an attack, but it is not a single kind of attack.

According to Google, a hacked site might be a website afflicted with user-generated spam. Cloaked images, keyword stuffing, redirects, or poisonous links also throw a website into the category of hacked sites.

Essentially, Google looks for anything spammy about a site and puts it on a watch list.

This stuff may sound benign to the average person, but it isn’t.

It’s akin to cancer for your code.

For example, you’ve spotted the gibberish hack when you come upon a page filled with nonsensical words and phrases – normally keywords to boost the site on Google’s search ranking.

Google also lists the cloaked keywords hack as a prominent method.

This hack is more difficult to spot because the pages sometimes look like the original template. But, if you look closely, you can see words, images, or links that don’t belong.

In both cases, the unwanted content is hiding something malicious.

When you try to visit the page, the link redirects somewhere else, often to a pornography site but sometimes to more nefarious pages.


Why Have They Come for YOU?

Hackers have various motives when they go after websites.

While we can’t pretend to be in the minds of the anonymous attackers hiding behind their keyboards, some motivations are easy to discern.

If your site is privy to sensitive customer information, it holds valuable data for attackers. Credit card numbers, PII, and passwords are a mighty bounty for hackers.

Hacktivism is often spurred by political motives. Depending on your site, you might be hacked to send a social or political message.

Example: the Ashley Madison hacks in 2015 were the work of vigilantes.

Your business or website may not provide a platform for people to cheat on their spouses. But generally speaking, most businesses have enemies, even if those enemies are simply anarchists or anti-capitalists looking to take down the whole system.

Deploying malware is another common goal of hacking. By breaking into your website, the hacker can spread malware, which can mutate and spread further to achieve whatever aim was programmed into it.

The most concerning hacker incentive is fun. Some hackers simply want to vandalize your site because they can. There is no other reason. These hackers are hard to predict, which means you must be vigilant.

Mounting a Defense

You can’t prevent attacks, but you can prevent their success.

Google and any security company worth its salt advocate taking preventative measures to secure your site.

Identifying vulnerabilities on your website is essential for closing the gaps and eliminating the holes hackers use to take over your site.

Google also recommends paying attention to announcements and updates provided by software and hardware vendors and any Content Management Systems.

Those updates often provide fixes for any backdoors identified by their own security teams.

You can also run a vulnerability scan on your site for a more thorough screening.

A vulnerability scan is not an antivirus scan. While antivirus looks for viruses and malware only, vulnerability scans cast the net wider while simultaneously diving deeper.

These scans will tell you about:

  • Weak passwords
  • Permissive coding (which lets hackers in)
  • Out of date software
  • Viruses hiding in the admin system

When you can identify your website’s weaknesses, you’re better able to build up your defenses precisely where they’re needed.

Checking for Domain Name System (DNS) threats is also important and DNS monitoring is essential. As we told you in a previous post, DNS attacks have increased by more than 200%.

A good website monitoring service is also helpful. Website monitoring checks up on your site more often than you ever could (every 2 minutes from different locations) to make sure your site is up and running.

Having a site monitoring system in place is an effective preventative tool because if your site goes down, you’ll know immediately. No need to wait until you’re flooded with concerned emails.

Register Your Site with Google’s Search Console

Google isn’t able to warn every customer about their hacked sites. Google’s report noted “61% of webmasters who were hacked never received a notification from Google.”

Google isn’t doing this to be the bad guy – they rely on webmasters to verify their sites through Search Console to better be able to get in touch with them.

Registering your site with the Google Search Console is a simple and effective security measure with tangible benefits.

As Google says, “84% [of] webmasters who do apply for reconsideration are successful in cleaning their sites.”

Hacked Sites: The Bottom Line

Hacked sites are not only taken down by hackers; they often also need to be taken offline in order to be cleaned.

This is a huge deal for your company.

Industry surveys suggest an average loss of $5,600 per minute when a hacked site goes down.

After 60 minutes, the average cost to a business is over $300k.

That figure doesn’t include the time and resources required to fix your site.

The bottom line is no one can fully protect your site from being attacked. But you can change what happens after your site is targeted and keep your website up and running.

The number of hacked sites will continue to grow over the next few years. Your site may be one of them.

What does your company plan to do to protect your website? Let us know in the comments.


DNS Monitoring: How to Check Your Traffic for Threats


Cybercriminals are becoming more sophisticated in their attacks.

The Domain Name System (DNS) serves as a website’s identity and is the core component of its security architecture.

Unless your website has the appropriate DNS monitoring in place, there’s no reason why you cannot become a cybercriminal’s next victim.

We are offering informative tips on how to prevent security threats.

Why Do Cyber Criminals Target DNS?

Unfortunately, cybercriminals will target a vulnerable internet service or protocol, including a website’s DNS.

They can then register disposable domain names for a spam campaign or botnet administration.

What’s more, an attacker could use the domains to host malware or phishing downloads.

Malicious queries can also exploit a nameserver or disrupt name resolution.

Sadly, the cyber-attacks can potentially destroy a website’s performance, function, and reputation.

The servers of Dyn are a perfect example.

The company controls some of the internet’s DNS infrastructure. It experienced a cyber attack that brought down much of America and Europe’s internet on October 21st, 2016.

The new Mirai botnet attack has been classed as the largest of its kind in history.

A variety of high-profile websites experienced downtime, such as Twitter, The Guardian, CNN, Netflix, and Reddit.

While it may be a feat to prevent every potential DNS threat affecting a website, it’s essential to take action to avoid falling victim to a cyber attack.

Why DNS Monitoring?

More than a quarter of companies haven’t established responsibility for their DNS security, despite the fact DNS attacks have increased by more than 200%.

To prevent a website from becoming a cyber attack target, you must embark on regular DNS monitoring.

A DNS log monitors every connection your website makes with a visiting device.

To maintain website security, it’s essential to embark on DNS monitoring to inspect the traffic between a device and your local recursive resolver.

The forensic analysis can ensure you:

  • Identify the websites visited by an employee
  • Discover the malware/botnets connected to the C&C servers
  • Detect a DDOS attack
  • Pinpoint the Domain Generation Algorithm (DGA) and malicious domains accessed
  • Identify the dynamic domains accessed

When analyzing the DNS log, it’s essential to verify each domain against the DGA and malicious domain database.

If you’re unsure of where to start with DNS Monitoring, we’re offering six security systems to help you proactively protect your website.

1. Firewalls

Firewalls have the potential to expose DNS threats, so they’re an effective tool for DNS monitoring.

Most firewalls will allow webmasters to define rules to prevent IP spoofing.

For example, you could enter a rule that denies DNS queries from IP addresses outside an allocated number space. This could prevent a nameserver from exploitation in a DDoS attack.

It’s also beneficial to enable DNS traffic inspection for suspicious byte patterns or irregular DNS traffic, so you can take the steps to block a nameserver software exploit attack.

2. Traffic Analyzers

One of the best ways to identify harmful malware traffic is a passive traffic analysis.

A traffic analyzer will allow you to both capture and filter DNS traffic between a device and your local recursive resolver, which you can then save to a PCAP file.

Webmasters must create scripts to search the PCAP file to identify specific suspicious activities.

3. Passive DNS Replication

Passive DNS replication allows a webmaster to use sensors at the local recursive resolvers.

This creates a database containing each DNS transaction, such as the query or response, through a resolver or set of resolvers.

The replication can be instrumental in identifying one or more malware domains, particularly when the malware uses algorithmically generated domain names (AGDA).

4. Intrusion Detection Systems

An effective intrusion detection system allows you to create rules that report on DNS requests from unauthorized networks.

It is beneficial to compose rules to either count or report:

  • NXDomain responses
  • DNS queries via TCP
  • Responses that contain resource records with short TTLs
  • Unusually large DNS responses
  • DNS queries to non-standard ports
  • plus more

All DNS queries should be carefully reviewed.

Intrusion detection systems can be integrated into firewalls, which lets you create deny or permit rules for many of the checks listed above.
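The counting and reporting rules listed above, sketched as an added Python example (not from the original post or from any IDS product). The record layout, the thresholds, and the 10.0.0.0/8 authorized network are assumptions, and the sample records are constructed.

```python
import ipaddress
from collections import Counter

# Assumptions for illustration; tune to your own network.
ALLOWED_NETS = [ipaddress.ip_network("10.0.0.0/8")]  # authorized clients
SHORT_TTL = 60         # seconds; answers below this are reported
LARGE_RESPONSE = 512   # bytes; classic DNS-over-UDP payload limit
NXDOMAIN_LIMIT = 3     # NXDOMAIN responses per client before reporting

# Constructed sample records, not real traffic:
# (client, transport, dst_port, qname, rcode, min_ttl, response_bytes)
SAMPLE = [
    ("10.1.2.3", "udp", 53, "www.example.com", "NOERROR", 3600, 120),
    ("10.1.2.9", "udp", 53, "a1.example.net", "NXDOMAIN", None, 90),
    ("10.1.2.9", "udp", 53, "b2.example.net", "NXDOMAIN", None, 90),
    ("10.1.2.9", "udp", 53, "c3.example.net", "NXDOMAIN", None, 90),
    ("10.1.2.4", "tcp", 53, "example.org", "NOERROR", 300, 200),
    ("10.1.2.5", "udp", 5353, "example.org", "NOERROR", 300, 80),
    ("10.1.2.6", "udp", 53, "cdn.example.org", "NOERROR", 5, 140),
    ("10.1.2.7", "udp", 53, "example.org", "NOERROR", 300, 3900),
    ("203.0.113.7", "udp", 53, "example.org", "NOERROR", 300, 100),
]


def analyze(records):
    """Return (rule, client, detail) findings for the checks in the list."""
    findings = []
    nxdomain = Counter()
    for client, transport, port, qname, rcode, ttl, size in records:
        ip = ipaddress.ip_address(client)
        if not any(ip in net for net in ALLOWED_NETS):
            findings.append(("unauthorized_network", client, qname))
        if transport == "tcp":
            findings.append(("tcp_query", client, qname))
        if port != 53:
            findings.append(("nonstandard_port", client, qname))
        if ttl is not None and ttl < SHORT_TTL:
            findings.append(("short_ttl", client, qname))
        if size > LARGE_RESPONSE:
            findings.append(("large_response", client, qname))
        if rcode == "NXDOMAIN":
            nxdomain[client] += 1  # counted per client, reported below
    for client, count in nxdomain.items():
        if count >= NXDOMAIN_LIMIT:
            findings.append(("nxdomain_burst", client, count))
    return findings


if __name__ == "__main__":
    for finding in analyze(SAMPLE):
        print(finding)
```

A single finding is a prompt to look closer rather than proof of an attack; DNS over TCP and short TTLs also occur in normal traffic.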

5. DNS Monitoring with Local Resolver Logs

Your local resolver logs are probably the most obvious and essential way to embark on DNS monitoring.

By enabling resolver logging, you can use a variety of tools, such as OSSEC, to collect DNS server logs and search them for known malicious domains.

6. A Secure Registrar

Most websites are registered via a registrar company.

Unfortunately, if a cyber-attacker can compromise the account with the registrar, they can gain control over your domain name.

This means they can point the domain to their chosen servers, including their own nameservers.

What’s more, they can transfer the domain to either a new owner or an offshore registrar – which means you might be unable to recover the domain.

Many intelligent cyber attackers may target an account’s password, or they may even launch a cyber attack on the registrar’s tech support.

You’ll want to avoid registrar hijacking, so you should select a registrar that provides heightened security precautions.

Look for services like multi-factor authentication.

Suspicious Signs to Analyze

It is important to pay close attention to any potential signs of malicious activity on your network.

We recommend analyzing the composition characteristics and length of DNS responses. This could help to identify malicious intent.

If the response messages are unusually large, this could be an amplification attack.

You should also review the answer or additional sections of the response message; anomalies there could be a sign of cache poisoning.
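One common way to review those sections is a bailiwick check: records whose owner name lies outside the zone the responding server is authoritative for deserve a closer look. This is an added Python example, not code from the original post; the response layout (a dict of sections holding tuples) and the sample response are constructed assumptions.

```python
def in_bailiwick(owner, zone):
    """True if `owner` is the zone itself or a name beneath it."""
    owner = owner.lower().rstrip(".")
    zone = zone.lower().rstrip(".")
    # Compare on label boundaries so "evilexample.com" is not "example.com".
    return zone == "" or owner == zone or owner.endswith("." + zone)


def review_response(zone, response):
    """List answer/additional records whose owner name lies outside `zone`."""
    flagged = []
    for section in ("answer", "additional"):
        for owner, rtype, rdata in response.get(section, []):
            if not in_bailiwick(owner, zone):
                flagged.append((section, owner, rtype, rdata))
    return flagged


# Constructed response from a server authoritative for example.com,
# using documentation-range addresses only.
RESPONSE = {
    "answer": [("www.example.com.", "A", "192.0.2.10")],
    "additional": [
        ("ns1.example.com.", "A", "192.0.2.53"),       # in zone: expected
        ("login.example.net.", "A", "198.51.100.66"),  # other zone: flagged
        ("evilexample.com.", "A", "198.51.100.67"),    # look-alike: flagged
    ],
}

if __name__ == "__main__":
    for record in review_response("example.com", RESPONSE):
        print(record)
```

Resolvers discard out-of-bailiwick records rather than caching them, so in a log review a response carrying them stands out as worth investigating.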

Conclusion

The biggest risk to a website is ignorance, which will not be bliss when you suffer a cyber attack.

There are various forms of DNS monitoring that will allow you to expose threats and keep your website secure.

It is up to a website admin to determine the right strategy to detect suspicious or malicious activity on your network.

While DNS monitoring doesn’t sound like a fun thing to do, it is essential for the security of your website.

Ensure you take the necessary steps to stop a cyber criminal in their tracks.

Why System Downtime and Slow Speeds Affect SEO


The world today is experiencing an increased demand for immediate gratification. People expect instant access to information, and the reasons aren’t hard to pinpoint.

Ever-increasing Internet speeds are allowing people access to information at an unprecedented rate. In the three-year gap between 2011 and 2014, Internet speeds increased by 10Mbps.

To put that in perspective, in 2000 a mere 200kbps met the FCC’s definition of advanced Internet services.

Couple this with the 207 million smartphone users in the US, and it makes sense that attention spans are decreasing.

A study by Microsoft Corp. helps bring to light just how short our attention spans have become. People generally can’t focus for more than eight seconds. That’s a one-second shorter attention span than a goldfish.

This impatience also affects website load times. After all, what’s the point of fast internet access if web pages load slowly?

An astounding 47 percent of users expect a web page to load in two seconds or less, and that number will surely rise.

Google long ago took note of this trend and incorporated site speed and system downtime into their algorithm.

Keeping pace in modern SEO means keeping pace with shortening attention spans and user demands for speed.

System Downtime

System downtime is never positive. Yes, site maintenance and other small issues force websites down occasionally, but Google remembers even the smallest amount of system downtime.

Understanding why Google punishes websites for their downtime is the key to minimizing its impact on SEO. We’ve broken down Google’s rationale into three main categories.

Google Loves Crawling

Google indexes your website with its “spider” tool that “crawls” your web pages. Put another way, Google checks your website for new content and backend updates.

When a website greets Google with an error code, for instance a 500 internal error or a 503 response, Google interprets this as system downtime and adjusts your SEO rank accordingly.

In general, the longer your site throws an error code, the more Google will penalize your ranking. However, some error codes hurt more than others.

A Moz study found that 500 internal server errors occurring intermittently caused keywords to drop out of both the top ten and top 20 rankings. The pages in question also received fewer “crawls” per day. Fewer crawls mean fewer opportunities for Google to record SEO signals and therefore worse SEO potential.

The 500 internal error was also found to wreak havoc during consistent downtimes. Domains dropped anywhere from 5 to 100 positions for tracked keywords.

The User Knows Best

Google is increasingly focused on providing users with the best experience possible. This has continued with the recent release of Penguin 4.0.

Google interprets that your website isn’t user-friendly if you’re dropping keywords and other backend metrics. Inconvenient websites earn lower rankings.

Former Google employee, Matt Cutts, elaborated on the impact downtime has on user experience during a Google Q&A session.

Cutts said, “If your host is down for two weeks…there’s a better indicator that your website is actually down, and we don’t want to send users to a website that’s actually down.”

Keeping your website active is crucial to providing a positive user experience and winning Google’s favor.

If your website must go down, make sure to issue a 503 error. The error code tells the Googlebot and users that the downtime is temporary. Warning Google allows them to hold off on reducing your search rank.

Site Speed

Site speed is an almost entirely user-based metric. While Google factors things like keywords and links into relevance and other SEO signals, site speed is only factored into the end user experience.

We’ve already touched on how impatient users are, but that impatience is critical to understanding site speed. In fact, the site speed metric exists because of user impatience.

The term site speed refers to how quickly a web page loads. Several metrics measure actual loading time:

  • Document complete time measures how fast a web page becomes interactive.
  • Fully rendered refers to when your web page is fully loaded with advertisements and all background elements.
  • Time to First Byte refers to how long your browser takes to receive the first byte of a response from a web server after requesting a URL.
  • Page Size is the total amount of bytes that make up your page vs. how long the page takes to fully render.

How to Optimize Your Speed

The goal of increasing site speed is tailoring your website to capitalize on each metric. For instance, the page size is an easy metric to optimize for. Decreasing your overall page size will usually decrease your time to full render.

Other metrics are harder to capitalize on. All load time metrics can benefit from a better host, but better hosting costs money. Likewise, optimal HTML structure and web compression are hard to implement for the average user, but both guarantee increased site speed.

Other, easier methods for increasing site speed are avoiding Flash and reducing your image sizes. It’s important to optimize for every metric possible when seconds matter.

Wrapping It All Up

Site speed and system downtime are two important metrics that Google uses to determine SEO rank. Each has an effect at the algorithm level, but it’s important to remember that Google’s focus is ultimately on end user experience.

Anything about your website that hinders user experience is likely to hurt your SEO.

Ask yourself this: are there any elements to your website that you dislike or that make use difficult? Does your website load slowly? Is it always going offline?

If your answer is yes, Google has already penalized your search ranking. Our product makes sure that website downtime no longer affects your search rank.

We understand that time is of the essence, and provide users with real-time website monitoring and instant alerts to any errors or issues. We also offer a custom API for deep integration into website diagnostic data.

Our company’s goal is to keep your customers engaged by keeping your website online.

If you have any further questions about our product, please contact us here. We’re always eager to help new customers.