How can I avoid international computer hackers

In 2018, almost 30 billion hacker attacks were carried out with the intention of logging into a website with stolen data. Online retailers in particular are not only responsible for their own data, but also for that of their customers. We have tips on how to protect yourself.

This year's "State of the Internet" security report from CDN provider Akamai presents alarming figures: In 2018, almost 30 billion hacker attacks were carried out with the intention of logging into a website with stolen user data. Online retailers in particular are not only responsible for their own data, but also for that of their customers.

Trusted Shops has tips for online retailers on how they can protect their shop from hacker attacks.

1. Use complex passwords

Online retailers need many passwords, for example for administrative access to the shop system, access to databases or web hosts. It is advisable to choose passwords that are as complex as possible, contain letters, numbers and special characters and are no less than eight characters long.

Passwords that are too simple or too short can be easily deciphered. In addition, different passwords should be used for each access in order to prevent a total write-off if a single password is lost. A password manager helps to manage the different passwords.

2. Use virus scanners and firewalls

Virus scanners can ward off viruses and Trojans. A firewall that cannot be changed without authorization is also useful. The programs must always be kept up to date. The operating system also has to be updated regularly; here too, possible security gaps are closed by the manufacturers.

3. Keep the shop system up to date

The same thing that applies to virus programs and operating systems is also crucial for the shop system: always keep it up to date. Most providers provide regular updates in which known vulnerabilities are closed and security-relevant features can be included.

4. Skimpy on writing rights on the web server

The more files have write access, the greater the risk that malicious programs can reach the web server. In the worst case scenario, these files read customer data. The following applies: Only grant write permissions where they are really needed.

5. Secure forms

Forms are often used as a gateway for malware, for example search forms, user registrations or customer logins. The program code defines how this data is processed and read out. Therefore, when creating the code, algorithms should be built in that make it more difficult for malware to penetrate the system using so-called code injection attacks.

6. Encrypt sensitive data

There is no such thing as one hundred percent security and there never will be. No manufacturer can fix unpublished vulnerabilities, so every system will always remain vulnerable. It is all the more important to be prepared for the worst-case scenario.

A very effective method is to only store the data in encrypted form and to keep the key safe and separate from the data. If an attacker gains access to the system, he will only find illegible data.

7. Get professional support

Nobody can be a specialist in everything. This is especially true for information security. There are solutions and specialist staff who can provide support in securing the online shop and clearly identify where the problem is. The spectrum ranges from automated vulnerability scanners to external information security officers.