8 Tips to protect against hacking attacks for online retailers
In 2018, almost 30 billion hacker attacks were carried out with the intention of logging into a website with stolen data. Online retailers in particular bear responsibility not only for their own data, but also for that of their customers. We have protection tips.
This year’s security report from CDN provider Akamai, “State of the Internet”, presents alarming figures: in 2018, almost 30 billion hacker attacks were carried out with the intention of logging on to a website with stolen user data. Online retailers in particular bear responsibility not only for their own data, but also for that of their customers.
Trusted Shops has tips for online retailers on how they can protect their shop from hacker attacks.
1. Use complex and secured passwords
Online retailers need passwords to log in to their accounts, for example for administrative access to the online shop, databases or web hosts. It is advisable to choose passwords that are as complex as possible: a combination of letters, numbers and special characters, more than eight characters long.
Passwords that are too simple or too short can easily be cracked. A different password should also be used for each access, so that the loss of a single password does not lead to total damage. A password manager helps manage the different passwords.
2. Use virus scanners and firewalls
Virus scanners can ward off viruses and Trojans. A firewall whose configuration cannot be changed without permission is also useful. These programs must always be kept up to date. The operating system must also be updated regularly; here too, the manufacturers close possible security gaps.
3. Keep the shop system up to date
What applies to virus scanners and operating systems is also crucial for the shop system: always keep it up to date. Most providers release regular updates that close known vulnerabilities and may include security-relevant features.
4. Be stingy with write permissions on the web server
The more files have write permissions, the greater the risk that malware can get onto the web server. In the worst case, such malicious files read out customer data. It is therefore important to assign write permissions only where they are really needed.
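One way to check this tip on a Unix-like web server is to list everything under the web root that is group- or world-writable outside the few directories that need it. The script below is an added example, not code from Trusted Shops; the allow-list (`uploads`, `cache`) and the sample file layout are assumptions constructed for illustration.

```python
import os
import stat
import tempfile

# Assumption: top-level directories the shop must write to at runtime.
ALLOWED_WRITABLE = {"uploads", "cache"}

def find_excess_write(web_root, allowed=ALLOWED_WRITABLE):
    """Return (relative path, mode string) for every entry that is group- or
    world-writable outside the allow-listed top-level directories."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(web_root):
        if dirpath == web_root:
            # Skip directories that are expected to be writable.
            dirnames[:] = [d for d in dirnames if d not in allowed]
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            mode = os.lstat(path).st_mode
            if stat.S_ISLNK(mode):
                continue  # a symlink's own mode bits are not meaningful
            if mode & (stat.S_IWGRP | stat.S_IWOTH):
                findings.append((os.path.relpath(path, web_root), stat.filemode(mode)))
    return sorted(findings)

def build_sample_tree(root):
    """Create a constructed sample layout (not a real shop) with fixed modes."""
    layout = {
        "index.php": 0o644,
        "config/db.php": 0o666,    # world-writable: should be reported
        "lib/cart.php": 0o664,     # group-writable: should be reported
        "uploads/img.png": 0o666,  # allow-listed directory: ignored
    }
    for rel, mode in layout.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        os.chmod(os.path.dirname(path), 0o755)  # independent of the umask
        with open(path, "w") as fh:
            fh.write("sample")
        os.chmod(path, mode)

def audit_sample():
    """Run the audit against the constructed tree and return the findings."""
    with tempfile.TemporaryDirectory() as root:
        build_sample_tree(root)
        return find_excess_write(root)

if __name__ == "__main__":
    for rel, mode in audit_sample():
        print(f"{mode}  {rel}")
```

To audit a real installation, call `find_excess_write` with the shop's document root and an allow-list that matches its actual writable directories.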
5. Secure forms
Forms such as search forms, user registration or customer login are often used as a gateway for malware. The program code defines how the submitted data is processed and read out. For this reason, protective mechanisms should be built in when the code is written, making it difficult for malware to penetrate the system by means of so-called code injection attacks.
6. Encrypt sensitive data
There is no such thing as one hundred percent security, and there never will be. No manufacturer can remedy unpublished vulnerabilities, so every system will always remain vulnerable. It is therefore all the more important to be prepared for the worst-case scenario.
A very effective method is to save the data only in encrypted form and to keep the key safe and separate from the data. If an attacker gains access to the system, they will find only unreadable data.
7. Get professional support
Nobody can be a specialist in everything. This applies particularly to information security. There are solutions and specialists that can assist in securing the online shop and can clearly state where the vulnerabilities in the system lie. The range extends from automated vulnerability scanners to external information security officers.
8. Professional Ethical Hacking Training
Professional ethical hacking training also helps you protect yourself and all of your online assets. Training from professional institutes will enable you to learn ethical hacking from basic to advanced levels and ensures that you will be able to protect all of your online assets, including online shops. Ethical hacking is also a great career option for students, as there are many career opportunities in ethical hacking and cyber security.