How to protect your web hosting business during the holiday season attack wave
Boglarka Angalet

How to protect your web hosting business during the holiday season attack wave

For devops in the web hosting business, holiday season is not exactly the most wonderful time of the year. If you’ve ever sneaked out from Christmas dinner to check on your servers’ status, or been woken up by attack alerts when only Santa Claus is supposed to be awake, you know what I mean.

The Rise of Holiday Hacking

Holiday season is peak period for cyber attacks, and we’ve written about it several times.

But we’re not the only ones analyzing historical data and finding any indication of what’s to come.

Just taking a look at last year, The SSL Store predicted over 50 million cyber attacks for December, which caused a $50-$5,000 loss for customers per incident.

If we take a look at Hackmageddon’s analysis, we can see how it happened.

One of this season’s most threatening attack factors are email phishing campaigns and fraudulent or phishing websites that promote special offers or victimize thousands of visitors by accessing fake login pages. And the hacker’s job is becoming child’s play as it’s now easier than ever to obtain a free DV SSL certificate and get their website marked “Secure” in Google Chrome.

You might say people are the weakest link in this story, but let’s face it: all these robbed and angry clients have infected hosts and unprotected servers behind them. It’s your responsibility as a provider to do as much as you can to keep the hackers outside.

We’re confident to say that hosting companies will see a 50% increase in attempted cyberattacks in November and December of 2018, too. And we are sure that the modern-day holiday season for hackers does not start with Thanksgiving in mind, it starts with Black Friday.

 And why do we think that?

We have historical from data over 5,000 servers worldwide which definitely does not show us the big picture, but gives a pretty good heads-up about what’s to come.

Here you can see all the captured incidents by BitNinja from this year on a weekly basis. It’s easy to see the trend of increasing attack volume in Q3 and Q4 of 2018 and finding out where it’s heading.

Web Hosting Companies - Primary Targets of Hackers on the Dark Web

What makes the holidays such an appealing time for web attackers is pretty clear:

the combination of half your staff being on vacation and the significant upsurge in e-commerce are what hackers waiting for.

/Fun fact:
ThreatMetrix, the digital identity company, research-identified 251 million fraud attempts in e-commerce, a 113% growth over 2016, during 2017’s fourth quarter. The report also revealed an increased attack volume originating from Russia./

Many web hosting companies feel the increased attacks at some point, but don’t have the right tools to monitor and defend them. So it’s time to recognize how tempting these companies—especially market leaders hosting many webshops and high-traffic sites—are for attackers, and what you can do to protect your business.

Organizations should be extra vigilant as these attacks often begin with recognizable preparatory steps, and weak security solutions often don’t pay attention to them, they focus only on malware cleaning and disaster handling.

Is that comprehensive enough? It goes without saying.

How to prepare your business for web attacks

Now matter how quickly you respond to an attack, how many vulnerabilities you patch, or how many endpoints you’re monitoring, unless you’re a company the size of Amazon, or Google, your team is likely understaffed, with a larger attack surface than you can handle with on-call sysadmins.

The solution comes down to a well-known phrase: security automation.

You might think there’s nothing new under the sun, but security automation is maturing—not to mention the technology behind it—however, many firms are not committed to its adoption.

We can totally understand, there are a lot of nuances that come into play:

  • Mapping your web attack surface is a lot to handle.
  • Recognizing your existing backdoors is a never-ending story.
  • And finding a tool that covers all types of attacks (malware infections, DoS, CMS hacks, sql injections, xss attacks and many more) seems to be Mission Impossible.

Try BitNinja and rule the cyber war

That’s exactly why we created BitNinja Server Security five years ago, to simplify these project-smelling tasks for tech teams into a five-minute installation.

Why web hosting companies like it so much:

  • It’s a comprehensive, nine-module system for preventive security (not for fire-fighting).
  • You can handle all your servers in one admin panel (SIEM) for in-depth audit and settings.
  • Real-time protection is completely auto-pilot (still has options for finetuning).
  • A global defense network and honeyfarm take care of feeding our threat database.
  • Quick setup, which is essential, as you don’t have much time left before Black Friday.


BitNinja Case Study: MissGroup

Act now and try BitNinja’s 7-day trial and forget about the holiday hacks for good. We guarantee, you’ll see the first results in 24 hours—and not just for this season. Your servers, your customers and your business will be protected against 99% of all kinds of attacks all year round.



Holiday cyber-storms won’t be going away anytime soon. In fact, we can expect an increase of malicious traffic every year. Most security teams will probably end up working more than 40 hours during the upcoming months, so that they ensure in time that every possible area is protected.

Don’t be a victim of hackers. Choose the right security partner and put your mind at rest, knowing your business is safer than it was before.

You have less than one month to act.

Share your ideas with us about this article

Previous posts

The Most Famous Vulnerabilities: Cross-Site Request Forgery (CSRF)
Before I begin to explain CSRFs we need to understand some facts. First of all, we have to see how websites usually work when they have a login. Most pages use username/email and password for authentication. In today's world, it's not uncommon for newer sites to support two-step authentication. Normally we use a login once on a website because it generates on the server side a session which reminds our browser that we are already logged in. Generally, the session has an expiration time and when it expires we have to login again. After we login, the browser receives some cookies which...
The Most Famous Vulnerabilities - HTTP Parameter Pollution
In the previous blog article, we learned about SQL injection and how it works. If you read it then you will know that it belongs to the family of the most serious vulnerabilities. The next vulnerability is not going to be so serious, but it's worth taking care of. What is HTTP Parameter Pollution? The easiest way to introduce this vulnerability is to show the method that you have seen many times on websites or any other application that can be linked to the Internet at some level: redirection. A lot of websites use this technique to redirect from one website to another, or even within...