Sucuri Webinar: Impacts of a website compromise

Impacts of a WEBSITE COMPROMISEWEBINAR

Tony Perez | @perezbox #AskSucuri

WEBINAR


TONY PEREZ@perezbox

Tony Perez | @perezbox



WEBINAR Impacts of a WEBSITE COMPROMISE


THANK YOU!



WEBINAR


#AskSucuri



WEBINAR


TONY PEREZ@perezbox

Tony Perez | @perezbox





WHO IS THIS TALK FOR?

• Currently infected

• Have experienced an infection

• Curious what nefarious things hackers can do with your website

• Weighing the risks and trying to figure out if security is a thing to worry about





What’s the Motivation? Why do hackers hack?









REVENUE• Make money off your website or

it’s resources

• Earning potential could be based on stealing information (i.e., data exfiltration)

• Impression based affiliate marketing schemes

• Criminal enterprises





AUDIENCE

• Make money off your audience

• Extremely valuable to attackers

• Ability to take advantage of the trust you’ve built with your followers / customers





RESOURCES

• Make money off your resources

• Abuse of the infrastructure supporting your website

• Integrated into larger criminal networks (a.k.a botnets)





LULZ

• Not about making money (Finally!!)

• Bored, why not?

• If it allows me to access it, why wouldn’t I?

• Badge of honor amongst peers!

• Likely one of our kids!!!





Things they do! Understanding the tactics









Various Attack Types

Malware Distribution Search Engine Poisoning Spam EmailPhishing Lures

Defacement DDoS/Bot Scripts Ransomware





Type Description Motivation Association

Malware Distribution Drive-by-DownloadsEnd-points are the target

RevenueAudience

Search Engine Poisoning (SEP) Search Engine Result Pages (SERP)Pharma / Casino / Luxury Goods

RevenueAudience

Phishing Lures Email / Social Phishing campaignsFinancial / Credential Theft

Spam Email Email spam campaignsLeverage your server / ip / domain

ResourceAudienceResource

Defacement Hacktivism Lulz

DDoS/Bot Scripts DDoSMailer Scripts

RevenueResource

Ransomware Hold you hostageHow your audience hostage

RevenuAudience

Data Exfiltration Steal data from your environmentE-Commerce / PII

ResourceAudience





THE IMPACTS OF COMPROMISE

Brand Website Blacklisting

Emotional Distress

Economic

Business

Visitor Compromise

Technical

SEO Impacts





Brand Reputation• Your brand is made up of the unique user experience you offer through

your design, content, product offering and service

• Your website, and the experience your audience has plays a critical part in the reputation of that brand

• Tolerance is the highest it’s ever been around website compromises, so reputation is recoverable

• Loss of trust in your brand can drive your audience to look for alternatives to your brand

Business ImpactsEconomicBrand Emotional Distress





Economic Impacts• Our research has shown a little over 90% drop in traffic immediately

following a compromise, that number goes up if a website gets blacklisted

• Whether your website leverages ads, static content, or sells product, it directly or indirectly helps your business generate some form of revenue / exposure

• Costs associated with post-compromise services, to include time / money spent on tools, education and consultation






Emotional Distress• Anxiety – nothing ever goes fast enough

• Confusion – unclear what steps to take, who to talk to, where to start

• Anger – you want to reach across the matrix and shake someone

• Sadness – a general feeling of feeling overwhelmed, exhausted..

• Distrust – an erosion of trust in technology, internet, people






Website Blacklisting• The most impactful in that it has the ability deter people from reaching

your website and it’s content / product / services

• Blacklists extend beyond search engines like Google and Bing, but can be found in end-point AntiVirus Solutions like Malwarebytes, Norton, EST, McAfee and so many others.

• This can lead to your website being flagged globally in large networks (i.e., cisco, websense, etc… )

Technical ImpactsSEOBlacklisting Visitor Compromise





Seo Impact• The most impactful in that it has the ability deter people from reaching









Visitor Compromise• The most impactful in that it has the ability deter people from reaching









Thinking Website SecurityHow to improve your website security posture





Security is not a static state, it’s a continuous process.









Technology will never replace your responsibility as a website owner.









Security is not a Do It Yourself (DIY) project.









Q & A Tweet us @SucuriSecurity using #AskSucuri

Internet

Sucuri Webinar: Impacts of a website compromise