Interview: More Than 50% of Site Traffic May Be Hackers or SpammersBy: Abby Johnson - March 14, 2012
How secure is your website? It’s a scary thought when you think about it, especially given all the attacks that have risen up in recent years. Last year, well-known websites such as Sony, Epsilon, and even government sites were hacked.
The sad part of this is that, according to Marc Gaffan, the Co-founder and VP of Marketing and Business Development for web security firm Incapsula, since these well-known companies are falling victim to attacks, it makes small to medium-sized businesses that much more susceptible to breaches. As he explained to us, hundreds and thousands of SMBs are attacked on a daily basis.
“You’re no longer too small to be a target,” he said.
“That’s the big change or the shift in the paradigm that we’ve seen over the last year,” he added.
What are you doing to make sure your site is protected? Let us know.
Incidentally, Incapsula released a report that found 51 percent of traffic to websites is non-human. While some of this non-human traffic may be from Google, Yahoo, and other credible sources, the report found that 31 percent of it could be harmful to businesses. In other words, this 31 percent of traffic could be hackers, scrapers, spammers, spies, and other unwanted visitors.
Most businesses rely on their Google Analytics to find out where their traffic comes from. However, Gaffan said that businesses need to be aware that these other statistics exist as well that could hurt them and their customers.
Also, the question of, “Is all traffic good traffic?” becomes an issue since some of the traffic may be unwanted but not directly harmful. Gaffan compares this scenario to a person that comes into your backyard repeatedly but doesn’t bother anything. Since most people would be uncomfortable in such a situation, Gaffan believes businesses should have the same feeling in regards to their website.
He told us that businesses should put measures in place to prevent this unwanted traffic from coming to their site.
“They should have tools in place that would let the Googles and Bings and Yahoos and all the other legitimate services that need to access their website, access their website,” he said. “Anyone that has no legitimate business at their website, should be kept out.”
Incapsula takes security issues very seriously and tries to help businesses by providing a set of tools that helps with both direct and indirect breaches. The company enables businesses through its Bot Access Control capability to see and control whomever comes to their site.
Gaffan said the tools allow businesses to keep their websites clean of any harmful and potentially harmful visitors.
Incapsula also recently partnered with the Payment Card Industry (PCI) and security service providers in order to help online merchants. This is an important move for businesses because, if they don’t meet the PCI regulations, they could lose their ability to process credit card payments.
Gaffan believes this effort is another step in helping small to medium-sized businesses protect themselves and their customers.