How to Protect Magento Stores Against Cyber Extortion and Ransomware Attacks

by Zain Imran  September 16, 2016

As a Managed Cloud Hosting provider, Cloudways is always looking out for the safety of your websites. Security is of prime importance to us.

Recently, we have witnessed a rise in a new kind of attack mechanism: Cyber Extortion or Online Ransom Attacks. In such cases, the application data of websites are being compromised by hackers. Once the attacker has access to your web files, these are encrypted and hidden on a secret server somewhere on the internet. The hackers then ask you to send them Bitcoins, a popular digital currency, to be able to retrieve your website data.

In simple words, your data is kidnapped, and you are mostly asked to pay ransom for your digital data!

Here is a sample message users receive when a website is compromised:

Your personal files are encrypted! Encryption was produced using a unique public key [redacted] generated for this computer.

To decrypt files you need to obtain the private key.

The single copy of the private key, which will allow to decrypt the files, located on a secret server on the Internet.  After that, nobody and never will be able to restore files…

To obtain the private key for this computer, which will automatically decrypt files, you need to pay 4.6 bitcoins (~1000 USD).

Without key, you will never be able to get your original files back.

!!!!!!!!!!!!!!!!!!!!!  PURSE FOR PAYMENT: [redacted]   !!!!!!!!!!!!!!!!!!!!!

Such attacks are being made on a seemingly profitable online venture, and this makes web stores very venerable.

Are Magento Stores Under Threat?

Magento is a very popular ecommerce development framework for online stores. Many of these stores are established ventures generating millions of dollars every day. These websites are easy targets as they are sensitive about their reputation and would push forward to resolve much quicker than other business websites. This application, like any other, needs security precautions to keep it safe from hackers.

But hey, as a Cloudways customer, you don’t have to worry too much about the ransomware threat at the server-level. Your Magento hosting server on Cloudways Managed Cloud Platform is like a fortress. Our experts are monitoring the entire server farm on a minute-to-minute basis to prevent any server-side mishaps.

Necessary Steps Against Ransomware Attacks on Magento Stores

However, you do need to take a few precautions for your web store. The bad guys can get in, and if they do scale a wall, they can rob your store from you.

  1. Update Your Magento Version Regularly
  2. Take Frequent Backups
  3. Use Stronger Passwords

Update Your Magento Version Regularly

First, keep your version of the Magento store up-to-date. Many small-scale updates arrive on a regular basis and applying them generally won’t break your site. However, it is necessary to store copies.

Take Frequent Backups

In many previous articles, we have recommended that you should take frequent backups of your Magento application data. This is just a one-click task on Cloudways. You can even automate the backups by setting the frequency. By the way, we have hourly backups.

Plus, you can also download backups of your server and its application through Cloudways Cloud Console too.

Use Stronger Passwords

Another precaution is to use a unique password for your Cloudways account, as well as any Magento passwords. Make sure the passwords are strong.

Cloudways Magento Hosting Platform is Completely Secure

Here, I would like to add that our team is always monitoring the security situation of the servers on Cloudways. Our experts keep a close eye on any development that may look dubious in nature.

This is a situation in which the quality of a Managed Magento Hosting Platform can shine through to protect your business and ensure peace of mind for you.

For a comprehensive list of Magento security tips, check out this article. That’s all for now. Keep selling, Magento folks!

Start Creating Web Apps on Managed Cloud Servers Now!

Easy Web App Deployment for Agencies, Developers and E-Commerce Industry

About Zain Imran

Zain Imran is a Digital Content Producer at Cloudways. He is an engineer and loves to learn about technologies. He is a sports and fitness freak.

Stay Connected:

You Might Also Like...

  • Ana Trandafilovic

    Great article, I wish I have seen it sooner! Unfortunately many people, especially website owners don’t realize the importance of actively participating in protection of their website. Or the host companies give them the false impression that their website is perfectly safe.

    There is so many ways in which e-commerce stores are hacked, Ransomware is the perfect example, but there are other types of malware that can keep the low profile for months.

    As for Magento the only way you can really protect your website is to have your very own team of developers that will keep an eye of any suspicious changes, or to install an extension like this one that can do that for you.