The Web For Business.com Blog

Internet marketing observations, perspectives, tips and tricks for your education and enlightenment.


Cryptocurrency Mining, Your Website, and Hackers

Mark Kawabe - Tuesday, October 10, 2017

Cryptocurrency Mining and Website SecurityJust when you thought there wasn't anything to steal from your website, those darn hackers are a step ahead of you - again. This time, it's your computing power, and that of your site visitors.

Why Computing Power?

Cryptocurrencies can be "mined". I won't get into detail on what this entails, but fundamentally, cryptocurrency mining requires a lot of computing power. That's where your website comes in. With a little piece of code, hackers can exploit not only the computing power of your hosting company's network, but also the computing power of your website's visitors. This kind of malware has been found on approximately 1.65 million users of the Kapersky Labs's security software.

This problem isn't just limited to small business websites. Enterprise networks that aren't secure are also a prime target. It's easy to see why. A large botnet of compromised computers engaged in cryptocurrency mining can make tens of thousands of dollars every month with little to no effort on the part of the hackers. Clearly, when one can make this kind of money anonymously, doing mostly nothing, there's a significant incentive for hackers to get hacking.

What's the Problem?

If your website gets hacked, you can expect to see significant performance hits as your host's server CPU resources get diverted to mining activities. Additionally, you'll be responsible for potentially distributing the mining malware further to your site visitors. In short, the only benefit to this is to the hackers.

Pay attention to your website security. There are plenty of resources available to help secure your website, most of them available for less than $1 a day. It's easy to do and can help protect you against existing and emerging threats to your online presence.

And So It Begins

Mark Kawabe - Monday, January 09, 2017

The Most Valuable Real EstateToday's the day most of us find ourselves back in the office after a well-deserved holiday break. Welcome back! For your new year's pleasure, I present a few thoughts on what will be important to think about when it comes to your business' online presence.

Security

I spent a lot of time over the break helping a former client deal with their hacked WordPress website. Resolving the hack required professional help beyond my level of expertise, and in the end, the site is now clean. While we weren't able to discover the root cause of the hack, I discovered many things that were troubling.

  • There was no license for the theme used for the site, so there had been no theme updates since 2015.
  • The theme came with a number of bundled plugins. These had also not been updated since 2015.
  • Many non-theme-related plugins hadn't been updated.
  • Backups had not been done on a regular basis.
  • Yada yada . . .

My Suggested Resolution For WordPress Site Owners: Make security a priority. Here's an action plan.

  1. Check to make sure everything's been updated. Themes. Plugins. Verify you have licenses. Many are good for a year. If they're only good for a year, make sure they get renewed.
  2. Backup your site regularly. I use BackupBuddy, but it doesn't really matter what you use, as long as you back up. By regularly, I mean a full weekly backup of your database and files at a minimum. If you have a site that changes daily, then do a full daily backup. Store your backups on a different server than your website is on if possible.
  3. Install security software. I use iThemes Security Pro. Wordfence is another one that seems to be good.
  4. Change your passwords. If you don't know what a strong password is, then you probably don't have one. Get one. WordPress will make one for you. I suggest you use it. Call me if you have questions.
  5. Stay on top of things. WordPress, themes and plugins are updated regularly. Hacks evolve regularly as well. Vigilance is important.

If you have a WordPress website and you're not sure if it's secure, contact me and I'll be happy to help.

Here's wishing you a happy, healthy, prosperous and hack-free 2017!

Halloween's over, but the world is still scary

Mark Kawabe - Monday, November 04, 2013

We take much in our lives for granted. Technology especially so. Everything just works most of the time.

When it doesn't, wow.

I just read a tale of how hackers were relatively easily able to destroy a guy's digital life, using pretty common information that you've probably given away to hundreds of people in your life.

The tale is here.

If you think this won't happen to you - not that it can't, but that it won't, I urge you to reconsider your perspective.

Of course, what others can do to us pales in comparison to what we can do to ourselves through lack of foresight and diligence.

It is my hope you have at least one backup of your important data files. If you have something local AND online, so much the better for you if things go awry. Your primary hard drive failing is bad enough. Having your home or office burn down and torch your local backups is even worse if you don't have a remote backup to turn to.

Now that I've totally cheered you up this beautiful Monday morning, I'll ask you to watch for my next post where I announce the winner of last week's draw.

Happy Monday!