SMEs need more secure web hosting to fend off cyber-attacks – security expert

25 Jun 2012

With as many as 20 Irish websites hacked every week, a security expert has urged Irish business owners to be more careful when choosing web-hosting services.

Figures from the independent cybercrime archive Zone-h.org, which records attacks against websites, shows that .ie web addresses are defaced on an almost daily basis.

This tallies with data from the voluntary security response group IRISSCERT, which had 441 incidents reported in 2011, of which 408 involved Irish sites being hijacked to host phishing sites on behalf of cyber-criminals.  

Sean Reynolds, founder and CEO of security consultants Rits, said in many cases, business owners aren’t aware of the risks when going online and choosing a web-hosting provider. “They’re maybe looking for a cheap deal and they don’t know the questions to ask,” he said.  

Reynolds said many senior managers wrongly perceive IT security spending as a form of insurance. “They should be looking at it from a risk perspective (and ask) – what can go wrong?”

According to Reynolds, companies should assess the potential threat to their business against several criteria, such as financial loss, downtime and business disruption. “Then they should ask: is this something we’re concerned about?”

A further risk is reputational, he added. If a site has been defaced, visitors will be less likely to trust the site, especially if it allows payments since there is a possibility the credit card information could be compromised.

In many cases, hosting providers offer the option of upgrading to more robust services which offer better protection than entry-level offerings, Reynolds said. “Usually the hosting companies can give you additional security. If you then decide to move up the chain from brochureware to accepting payments, for example, then you need to get a security professional to assess your risk,” he said.

Web hosting image via Shutterstock

Gordon Smith was a contributor to Silicon Republic

editorial@siliconrepublic.com