Sectigo’s Research Finds Websites Attacked 172 Times a Day & Automated Bot Attacks on the Rise for SMBs

ROSELAND, NJ — March 22, 2022 — New research from Sectigo®, a global leader in digital certificates and automated Certificate Lifecycle Management (CLM), found cyberattacks -- especially automated ones -- of all kinds are on the rise, primarily due to skyrocketing bot traffic. Small and medium-sized businesses (SMBs) are grappling with bot traffic that now accounted for 5.5 times more than human traffic in 2021, compared to 2020 -- 2,306 weekly average bot visits per site. Further, the volume of human traffic decreased, indicating that malicious actors are using bots to scale their attacks and target unaware SMB website owners.

“While there are legitimate reasons for bots to visit a website like search engine crawlers and copyright scans, bots are also used for a variety of nefarious purposes. Malicious bots can programmatically visit websites and identify vulnerabilities in code to execute their attacks, such as stealing data or inserting malware,” said Jason Soroko, CTO of PKI at Sectigo.

Soroko continued: “The public internet is a very dangerous place and is increasingly getting worse. Don’t commit the fallacy of the underdog -- SMB websites have enormous value to bad actors because they have customer data and can be used for phishing attacks. It’s not just about fraud, either. If websites handle payments, they’re obvious targets, too. The content management system platforms SMBs rely on may not protect against these threats. In fact, they are inherently difficult to secure.”

Soroko concluded: “SiteLock’s new data underscores the importance of having a comprehensive website security solution in place to protect against these threats and establish digital trust in an increasingly digital world. Even well-resourced enterprises struggle with this. In 2022 and beyond, specialized security tools are a necessity, not a luxury.”

The research was conducted by Sectigo’s website security protection and monitoring company, SiteLock. 2022 SiteLock Annual Website Security Report explores the current website security landscape and trends from 2021. SiteLock analyzed more than 14 million websites to determine the most prevalent cyber threats organizations face today. Findings show that the threat landscape continues to grow and evolve, with particularly effective cyberthreats coming into focus, such as Filehacker (35 percent of infected websites with malware contained Filehacker) and Backdoor attacks (31 percent contained Backdoor). The research found:

• Ninety-three percent of websites infected with malware were not blacklisted. That’s nine out of 10 websites missed by search engines.
• Websites are attacked 172 times per day, eight attacks per minute.
• WordPress sites are 39 times more vulnerable than non-Content Management System (CMS) sites. Plus, plugins impact WordPress vulnerability. For every five plugins on a website, the risk of an attack is nearly double.
• There are currently an estimated 4.1 million websites infected with malware worldwide.
• Nearly half (48 percent) of SMB website owners believe they are too small to target, even though half of them have been breached.

Given the broad range of threats, businesses require a comprehensive security solution. SiteLock is a suite of security products designed to protect SMBs attacks of all kinds. With SiteLock’s risk assessment tool which analyzes more than 500 variables to determine a website’s risk level, SMBs can stay ahead of these evolving web threats and keep bad actors from disrupting their online presence.

Sectigo will showcase the research at CloudFest 2022 this week in Europa-Park, Germany. CloudFest, which takes place March 22 to 24, is the industry’s leading conference for cloud, hosting, and internet service providers and tackles the most critical trends around website security. As the market leader in web security with more than 16 million websites currently protected by SiteLock and a suite of solutions, including automated CMS vulnerability scanning and patching solutions, Sectigo is Diamond Plus Partner for CloudFest.

Download a copy of the report at www.SiteLock.com/2022-annual-website-security-report.

About Sectigo

Sectigo is a leading provider of digital certificates and automated Certificate Lifecycle Management (CLM) solutions - trusted by the world’s largest brands. Its cloud-based universal CLM platform issues and manages the lifecycles of digital certificates issued by Sectigo and other Certificate Authorities (CAs) to secure every human and machine identity across the enterprise. With over 20 years of experience establishing digital trust, Sectigo is one of the longest-standing and largest CAs with more than 700,000 customers, including 36% of the Fortune 1000. For more information, visit www.sectigo.com.

About SiteLock

SiteLock is a leader in comprehensive cybersecurity solutions for organisations. Its cloud-based, enterprise-grade technologies and deep expertise give organizations of any size access to the same security capabilities the biggest companies use to protect their data, ensure secure communications and defend their websites. SiteLock offers effective, affordable and accessible solutions to automatically detect and fix threats, prevent future cyberattacks, enable unrestricted and safe communications, and meet compliance standards. Founded in 2008, the company protects more than 16 million organizations worldwide.