Wednesday, January 24, 2024
Hostinger has been keeping your websites secure since 2004. Every year presents new website security challenges and 2023 was no exception. Last year was famous for the rise of artificial intelligence, which is also being used by cybercriminals.
Find out how Hostinger prevented attempts by malicious actors to breach the websites of more than 2 million customers in 2023. Along with the five lessons learned, we’ll also share some insights to help you avoid cyber threats.
Sales attract malicious actors
Hostinger Malware Scanner, powered by Monarx, detected and cleaned nearly 500 million instances of malware all year. The number of malware cleaned is twice what it was in 2022, largely because we learned how to deal with Phoenix, a delivery program that delivers other malware to systems.
After excluding the Phoenix influence, there actually was one significant increase in the number of unique pieces of malware over the past yeara trend that is likely to continue.
Malicious activities peak during sales periods when more people are online, they spend money and may not be as careful about security. Our malware scanner worked tirelessly during heavy sales in November and December, and small spikes were seen in May and August.
In addition, genetic AI is increasingly contributing to an arms race with hackers by making malware more sophisticated and destructive.
Enterprise Raiders target small businesses
Web shells, downloaders, and adware still dominate the website malware charts, but new threats are emerging for small businesses and mom-and-pop shops.
First, ransomware increasingly targets them by encrypting data and demanding ransom for recovery. A year or two ago, it mainly targeted large, solvent businesses.
Second, cryptocurrency miners are stepping up their operations, particularly when bitcoin prices fall and the number of traditional miners declines, making mining on web servers profitable.
After all, redirects are gaining popularity and are a significant threat due to their rapid volatility, often infiltrating both good files and databases. The wp_posts The table is particularly popular, but it can be anywhere.
Dealing with 500 DDoS attacks a day is the new normal
In 2023, our infrastructure faced us over 185,000 distributed denial of service (DDoS) attacks, averaging 500 attacks per day. Data centers in the US suffered the highest number of attacks, followed by Brazil and India.
Us advanced traffic filter effectively prevented the majority of DDoS attacks by automatically activating within seconds and diverting malicious traffic in the presence of the filter. This method has allowed us to reduce the use of remotely activated black holes by up to 95%, resulting in better uptime for our services and customers.
The traffic filter has handled some very powerful attacks. Several of these took place just before the major holidays on December 21 and 24 at the Singapore data center. The first lasted for more than 6 hours, hitting customer websites at 2.3 million packets per second (Mpps) and 18 gigabits per second (Gbps). A few days later, another attack unfolded, peaking at 3.6 Mpps and 1.3 Gbps.
The good news is that neither these nor the myriad other attacks had any effect on our infrastructure or your websites.
The power struggle between Botnets and CDNs
Botnets, particularly Mirai, represent another type of malware that has seen an increase alongside improvements in content delivery networks (CDNs). To simplify, the better CDNs get, the bigger botnets you need to successfully flood websites and vice versa.
An illustrative example is found with Hostinger CDN. Launched in the middle of last year, it automatically mitigated many attacks, including a significant one. Over three hours, more than 10 million requests per second (Mrps) overwhelmed a client’s website. After the incident, our experts analyzed the data and put it to use improve our CDN, making it three times more powerful than it was before the attack.
Obviously, this incident doesn’t match the record 71 Mrps attack that Cloudflare mitigated last year. However, it is important to note that our clients are not Fortune 1000.
Beware of fake and unsafe plugins
WordPress, used by 43% of all websites, including over 3 million hosted by Hostinger, is the most popular content management system. No wonder it continues to be a prime target for cyber threats.
Major WordPress security vendors such as Patchstack, WPScan, and Wordfence identified over 4,000 common vulnerabilities and exposures (CVEs), accounting for approximately 14% of all CVEs discovered last year.
Add-ons are at the core of these vulnerabilities, with fake plugins leading the way. The details of these additions may vary, but both their quality and quantity are increasing rapidly. We expect this trend to continue throughout 2024 as genetic artificial intelligence makes creating fake additions even more accessible.
For Hostinger customers, Automatic WordPress updates and vulnerability scanner come to the rescue. The scanner immediately notifies customers if vulnerabilities are detected on their websites and provides advice on the necessary actions.
How to keep your business safe online in 2024
While the challenges may seem overwhelming, securing your business online is within your control. Choosing a reliable hosting provider is crucial, reducing concerns about most potential threats.
I am looking SSL certificates, malware scanner, web application firewall, DDoS filtering, built-in CDN, automatic updates, backups and 24/7 monitoring. Fortunately, since you’re already on the Hostinger blog, the solutions you need are just a click away.
Giedrius is Hostinger’s Chief Product Officer. Leads and facilitates product management teams to ensure they create products that deliver value to both the user and the business. Giedrius has a strong technical background, is passionate about using technology to solve real-world problems and make people’s lives easier.
