A new ransomware threat was discovered at the end of September (2016). FairWare deletes websites from web servers and then demands a ransom to have them reinstated. Bleeping Computer (http://www.bleepingcomputer.com/news/security/new-fairware-ransomware-targeting-linux-computers/) reported that the ransom was 2 Bitcoins, which works out at around £850, with a two week payment deadline.
Duo Security reported a similar set of attacks which seem to be the same hack (read more here http://www.bleepingcomputer.com/news/security/hacked-redis-servers-being-used-to-install-the-fairware-ransomware-attack/).
From the reports it looks like the ransom part of the attack is a scam. The hackers have no intention of reinstalling the deleted files and are just going to take the money and run.
This ransomware attack profile is on the increase at the moment as hackers have found it to be a very profitable method. Quite often businesses find that it’s cheaper and easier to simply pay the ransom than to rebuild their websites.
Is Your Website Safe?
Your website is simply a collection of computer files stored on a hard disk connected to what is known as a Web server. Web servers are specially configured for the job but essentially they are just computers connected to the Internet. For your website to work the server has to talk to your visitors’ computers to send and receive information to display your site. But this also means that hackers can talk to your Web server as well.
The recent attacks were discovered on poorly secured servers. In other words, some back door entry points had been left open on the computers and these were exploited by the hackers.
The computer housing your website will probably be managed by your hosting company. Most hosting companies know their job and their servers will be secure. However, if you are sharing a server with other websites, as most of you will be, you are partly relying on these other Webmasters not opening any backdoors through their website code.
Always Keep Backups
No matter how secure your Web server is always take backups of your website files and your database (most websites have an integrated database). When making backups make sure the time you leave between each run is small enough to let you recover your data without too much loss of information. For example, if you take weekly backups could you cope with losing a whole week’s worth of website order information?
Choosing Your Website Hosting
If you’re unsure about the security of your Web server please do get in contact. I’ll be happy to discuss what you currently have and what options are available to you.
Have a look through my other blog posts to get more information on website security.
And don’t forget to connect with me on social media or through my newsletter to get all my updates.
