Category Archives: Malware

Law Firms Need Website Backup More Than Ever

February 21, 2013 by admin 1 Comment

If you work for a law firm, it is unlikely that the idea of protecting your firm’s website has entered and lingered in your mind. Attorneys and paralegals are focused on clients, not websites. Most firm’s sites contain service descriptions, company history, and contact information, so if they were hacked it wouldn’t be that big of a deal, right?

Wrong. Just ask Matt Passen.

Passen Law Firm Becomes Victim of Malware Cyber Attack

Passen Law Group is a two-man personal injury firm in Chicago. As told by USA Today, in June of 2011 Matt Passen went to his site and says he was confronted with “a series of letters and numbers that made no sense to me.” Passen soon learned that he had been targeted in a slew of malware-based cyber attacks.

Being infected means lost traffic, not just an ugly webpage- Google actively blacklists websites that are known to be infected with malware (currently 700,000+), rendering the sites invisible to searches, or marked with a warning not to visit it. The idea of not having a searchable web presence is unacceptable.

Passen needed to remediate immediately, and after a few weeks and three separate attempts by hired professionals to remove the malicious script, Passen’s site was finally back to an uninfected state. But what did he lose by not preparing for a situation like this? He put it best himself by saying: “It will easily cost us a couple thousand dollars to remedy, and I can’t tell you what the costs are in terms of lost business opportunity.”

What Could Passen Have Done?

Matt Passen could have dedicated a considerable amount of time each day to manually checking his site for unsolicited changes. He could have downloaded his site’s source code and compared it line-by-line to a prior version in order to detect discrepancies between the two. If he found something that didn’t look right, he could rollback to an earlier rendition of his site by finding that version’s source code and pushing it onto his server. If he had done this each day, he would have caught and eradicated the malware in a shorter timeframe, and with less damage.

Unsurprisingly, Passen didn’t do any of that. Shifting focus away from day-to-day professional responsibilities in order to manually monitor a website isn’t a feasible option for most. Luckily, it isn’t the only option.

CodeGuard, a cloud-based website backup, monitoring, and restore service could have easily lessened Passen’s burden. After a simple initial backup, CodeGuard monitors each site for malware every hour and completes daily scans for file changes. Should a site become compromised, the user receives an email notification from CodeGuard. But it doesn’t stop there: we store every backup taken of your site, so someone in a situation similar to Passen’s can choose a prior version and quickly restore their site back to an uninfected, fully functional state.

Law Firms Need CodeGuard

Law firms are prime targets for hackers because website security is not currently a priority in the legal industry; regulation, competition, and client-servicing dominates mindshare. Here are two things law firms stand to lose by not focusing on properly protecting their websites:

1. Losing potential clients- without a searchable web presence, site traffic will plummet. In today’s search dominated lifestyle, you will lose industry traction by not appearing to potential clients looking to utilize your services.

2. Losing credibility- current and prospective clients may perceive your firm as unprepared and insecure, and choose to take their business to a competitor whose site and content hasn’t been tampered with.

CodeGuard is part of a solution that helps protect against real struggles that law firms face, and should firms encounter difficulties with their website, can help to quickly remediate the problems. Law firms have enough things to worry about – the website shouldn’t be one of them. Talk with your IT department or webmaster about giving CodeGuard a try before it’s too late, and gain peace of mind that you never knew you could have!

-Sarah

→ 1 Comment

Posted in Backup, Exploits, Law firms, Legal website backup, Malware

Tagged Legal websites, website backup

Malware Part 2: Your Website Is Hacked

April 12, 2012 by admin Leave a comment

So last week we talked about malware on your computer. Now what happens if your website gets hacked?

Once again, you may be thinking, do I really need to worry about this? I am not a huge company; I don’t capture oodles of personally identifiable data on my site, who is going to bother me? Well, it only takes one disgruntled employee, one unhappy customer, or a single hacker with a lot of time on their hands looking for a target. Thousands of sites are hacked or blacklisted DAILY.

If a hacker gets into your website it can be a huge problem. They could change the content of your site, add additional pages for phishing (trying to trick users into giving up personal data), or they can add scripts that can attack any computer that visits your website (i.e. attack your customer’s computers). Some malware will gather information about your users, stealing email addresses and any personal information it can find. A hacked site can mean you are blacklisted by search engines and browsers; then your website is essentially dead.

In the February 2011 study, Compromised Websites: An Owner’s Perspective, 63% of website owners had no idea how they were hacked and many struggle to get their sites operational and secure after an attack.

How Does Someone Hack a Website?

There are a variety of ways that your website can be hacked or a victim of malware. Here are some of the more popular methods:

SQL Injection – entering code into web forms or login fields or browser address field on your website can trick your site into granting access to the database, application, or system. Take a look at this video to see how easy it is for someone to get into a site using this method.

XSS or Cross Site Scripting – injecting scripts or iframes into your site and collecting cookies; thus giving access to your users info or even your admin info. If you are really curious (and can get past the video intro), this video will show you how it works.

FTP Account Compromise – sites can be infected if the FTP credentials are sniffed by a Trojan or virus on the computer of an unsuspecting user. The malware “listens” to the transfer of the credentials and then steals them.

Password Cracking – This is somewhat self-explanatory. Most people fail to keep secure passwords or never change from a default password. This allows hackers to sniff around until they find vulnerability.

Here are a Few Steps You Can Take to Protect Your Website:

Know what software you are using. If someone else has created your website for you, have them document what is installed; where it is, and what it does.
If you use a content management system (CMS) like WordPress for your site, make sure you install the latest versions when they are available.
Only install reputable add-ons, plug-ins, and modules. Read reviews, ratings, and do your own research to find out if the coolest new widget comes from a reputable source.
Make sure all widgets, modules, add-ons, and plug-ins are up-to-date – particularly those incorporating web forms or enabling file uploads.
Check your site regularly or use a service like CodeGuard which will alert you when there have been changes to your site.
Use secure passwords. If the login to your site is ‘Admin’ and the password is ‘admin’, you are just asking to be hacked. Get smart and use a complex password that someone cannot easily guess.
Limit access to your site. Not everyone in your company needs to have admin privileges. Be judicious when you hand over the keys to your website.
Last, but certainly not least – backup your site daily! If your website does get hacked, having a backup from the previous day will ensure that you can get your site back up as soon as possible and reduce any development costs or data recovery costs.

Good luck!! We’ll have your backup if you need us.

→ Leave a comment

Posted in Backup, Browsers, Malware, Uncategorized

Malware Part 1: Your Computers

April 5, 2012 by admin Leave a comment

You are happily running your business– phone calls, emails, invoicing, helping customers, birthday lunches for your employees. You have a lot of stuff to worry about every day. The last thing you want to worry about is malware. But, unfortunately, you do need to worry about malware.

What is malware?
Malware is a whole class of malicious software that includes computer viruses, worms, trojans, adware, spyware, crimeware, scareware, rootkits, and other unwanted programs. In a nutshell, it is nasty stuff and you do not want to have to deal with it. Malware can infect your computers and your website. This week we’ll talk about your computers.

So, do I really NEED to worry about Malware?
Yes! A computer system failure of any kind can damage the reputation of your company and cost you real dollars. In the Symantec 2011 SMB Disaster Preparedness Survey, computer downtime cost small and medium business (SMB) owners an average of $12,500 per day. Even worse, 54% of SMB customers reported having switched SMB vendors due to unreliable computer systems. That is truly scary – a computer virus could mean you lose your customers. Malware is a big deal, especially to a small business.

Holy Hackers Batman, what do I do?
Here are some simple steps to protect your computer data:

Use a secure password. If you have trouble remembering any password that is not the name of your great aunt, try a password vault such as LastPass. Not only will it generate complex passwords for you, it will remember them as well.
Install anti-virus software and keep it up to date. Kaspersky, Symantec, McAfee – whatever you would like – but make sure it is up-to-date, running daily, and stop swearing at it when it wants to do a scan. Anti-virus software is your friend.
Backup your data. So unglamorous to do, but trust me, it is well worth the effort. In the event of a computer disaster, you will be able to get up and running with the least amount of pain. There are many tools out there to back up your PC or Mac.

Stay tuned for next week’s post Malware Part 2: Your Website.

→ Leave a comment

Posted in Backup, Malware, Uncategorized

Google Segments Offending Sites: Distribution Domains vs Compromised Sites

December 6, 2011 by admin 3 Comments

Read on Google Online Security Blog

“Google announced last week that it would be expanding the program, Safe Browsing Alerts for Network Administrators, to also include malicious domains to the information available to Web site administrators” states Carlton Jurvis of SecurityManagement.com.

This is an interesting twist, indeed. As Nav Jagpal states on Google’s Online Security Blog, “distribution domains” are created explicitly to distribute malware and launch exploits, as opposed to “compromised sites”, which are run by “innocent webmasters”. No information is provided that reveals how Google will determine if a site is an evil distribution domain or an innocent compromised site, or the repercussions of falling in either bucket.

Rest assured, however, that this distinction will be key moving forward. Google rarely discloses changes in policy on the Online Security Blog, and webmasters should be wary. If you do not have a service that monitors the status of your site as Google sees it, now is a good time to start. Make sure you don’t end up misclassified as a “distribution domain”; the results will likely be unfavorable.

Examples of the information provided to webmasters is below.