Keeping Your Website Secure in 2024: Five Lessons Learned From Last Year and Helpful Tips
- Monday, 17th June, 2024
- 06:40am
Since 2019, Hostlika has been dedicated to keeping your websites safe and secure. Each year brings new challenges in website security, and 2023 was no exception. With the rise of artificial intelligence, both website administrators and cybercriminals have adapted their strategies.
Discover how Hostlika protected over 2 million customers' websites from cyber threats in 2023. We’ll also share five key lessons and some insights to help you safeguard your online presence.
Sales Attract Malicious Actors
The Hostlika malware scanner, powered by Monarx, detected and cleaned nearly 500 million instances of malware throughout the year. This figure is half of what it was in 2022, largely due to our improved handling of Phoenix, a notorious malware uploader.
Despite this, the number of unique malware pieces has significantly increased, a trend we expect to continue. Malicious activities peak during sales periods when more people are online and security vigilance may wane. Our malware scanner was especially busy during major sales in November and December, with minor spikes observed in May and August.
Moreover, generative AI is contributing to an arms race, making malware more sophisticated and destructive.
Small Businesses Under Attack
Webshells, uploaders, and adware continue to dominate the malware landscape, but small businesses are facing new threats.
First, ransomware is increasingly targeting small enterprises, encrypting data and demanding ransoms. Previously, such attacks were more common against large, solvent businesses.
Second, cryptocurrency miners are ramping up activities, especially when bitcoin prices fall, making mining on web servers more attractive.
Finally, redirects are becoming more common and dangerous due to their rapid mutability, often infiltrating legitimate files and databases. The wp_posts table is a frequent target, but redirects can appear almost anywhere.
500 DDoS Attacks per Day: The New Normal
In 2023, Hostlika's infrastructure faced over 185,000 distributed denial-of-service (DDoS) attacks, averaging 500 attacks per day. The highest number of attacks occurred at data centers in the US, followed by Brazil and India.
Our advanced traffic filter effectively thwarted most DDoS attacks, activating within seconds to divert malicious traffic. This reduced the need for remotely triggered black holes by up to 95%, enhancing uptime for our services and clients.
Our traffic filter handled several powerful attacks, including two major incidents in our Singapore data center on December 21 and 24. The first attack lasted over 6 hours, reaching 2.3 million packets per second (Mpps) and 18 gigabits per second (Gbps). A few days later, another attack peaked at 3.6 Mpps and 1.3 Gbps.
Thankfully, neither these nor the numerous other attacks had any impact on our infrastructure or client websites.
The Botnet vs. CDN Battle
Botnets, notably Mirai, have grown alongside improvements in content delivery networks (CDNs). As CDNs get better, larger botnets are needed to successfully flood websites.
Hostlika’s CDN, launched in the middle of last year, has mitigated numerous attacks, including one particularly intense incident. Over three hours, a client’s site was bombarded with more than 10 million requests per second (Mrps). Post-incident analysis helped us enhance our CDN, tripling its power.
While this doesn't compare to Cloudflare’s record-breaking 71 Mrps attack, it’s important to note that our clients are not among the Fortune 1000.
Beware of Fake and Insecure Plugins
WordPress, used by 43% of all websites and over 3 million hosted by Hostlika, remains a prime target for cyber threats.
Major WordPress security vendors like Patchstack, WPScan, and Wordfence identified over 4,000 Common Vulnerabilities and Exposures (CVEs) last year, around 14% of all CVEs.
Plugins are the main source of these vulnerabilities, with fake plugins being particularly problematic. The quantity and quality of these fake plugins have increased rapidly, a trend likely to persist as generative AI makes creating them easier.
For Hostlika clients, WordPress automatic updates and a vulnerability scanner are crucial defenses. The scanner promptly alerts clients to vulnerabilities and provides guidance on necessary actions.
Keeping Your Business Safe Online in 2024
While the challenges may seem daunting, securing your online business is achievable. Choosing a reliable hosting provider is critical, as it addresses most potential threats.
Look for providers offering SSL certificates, malware scanners, web application firewalls, DDoS filtering, built-in CDN, automatic updates, backups, and 24/7 monitoring. Fortunately, as you’re already on the Hostlika blog, the solutions you need are just a click away.