by | 20 Jan 2016

From RansomWare to RansomWeb, what has changed for eCommerce sites?

More and more people become victims of ransomware, a malware that encrypts your data and demands money to decrypt them. The bad news is that cybercriminals are going after websites and eCommerce as well by changing the encryption keys needed to keep a website running. Discover in this article more information on this evolving threat, and why SMBs eCommerce sites should be worried and act now!

eCommerce sites targeted by RansomWeb attacks

Last year, we already warned about the rising  threat of RansomWeb in the article « RansomWeb could kill your business site ». We predicted with many security experts there will be a multplication of such attacks in the near future, which is now happening.

On November 4th 2015, the Linux Website ramsomware infected a server used by professional Web site designer Daniel Macadar. The ransom message was inside a plain text file called “instructions to decrypt” that was included in every file directory with encrypted files:

“To obtain the private key and php script for this computer, which will automatically decrypt files, you need to pay 1 bitcoin (around 420 USD). Without this key, you will never be able to get your original files back.”

I’m sure you are already thinking that it is just 420 USD, am I wrong? Imagine that the next step might well be the modern equivalent of protection rackets, by threatening companies with being either taken offline or having their databases frozen unless they pay a regular fee.

Imagine they threatened to increase the price by 10 per cent with every passing week? It could be dramatical for SMBs to pay such a reccurent fee. If we add the unavailability of the website and the hit on your consumer confidence, the damage could be worst than a DDoS attack. Are you still not worried about RansomWeb?

How to prevent RansomWeb from reaching your eCommerce?

Before to teach you how to prevent RansomWeb, we have to understand how an attack like this can reach your online shop.

RansomWeb attacks exploit common vulnerabilities. On we heard that one of their friend’s site was infected via an unpatched vulnerability in Magento, a shopping cart software that many Web sites use to handle eCommerce payments.

We can easily deduce you can avoid some of the RansomWeb attacks by updating regurlarly your eCommerce site. But is this sufficient? Unfortunately not!

How are you currently evaluating vulnerabilities in your eCommerce site? How are you fixing them? What if there is no patch released for one of your discovered vulnerabilities? Or if you simply don’t know there is an existing patch?

With OZON cybersecurity solution, you can assess your eCommerce site easily to discover vulnerabilities and use virtual patching to fix it. Thanks to virtual patching, you can remediate easily to most of common vulnerabilities. No need to be a security expert or to lose time you should spend on your customers or by developing your online business. OZON magic takes care of all! OZON also protect your online shop against common attacks (XSS, injection SQL, DDoS attacks) and fraud prevention.

Why no give it a try for free? The good news? No credit card is needed to launch your free trial.