Many of your clients use web hosts and kits (like those offered with WordPress), which could expose your clients to data breaches and downtime – and ultimately lead to a lawsuit filed against your business.
Why? Because web host and blogging companies tend to be susceptible to DDoS attacks (i.e., Distributed Denial of Service attacks), which occur when hackers flood a web host’s site with requests and overload its servers.
TechCrunch recently profiled how a recent DDoS attack took Typepad offline for five days, causing its clients' websites to go dark. Meaning their customers had no way of finding them online, they couldn’t make any online sales, and they weren’t able to collect any ad revenue. Yikes.
Below, we discuss what tech professionals need to know about these web host liabilities.
When Cyber Criminals Attack: Outages and Web Host Liabilities
If you’ve ever considered outsourcing a client’s website to a third-party vendor, the Typepad outage is a helpful example to illustrate your potential risk.
After Typepad's site was hit with a DDoS attack, the hackers demanded a ransom, claiming they would stop the attack as soon as the web host paid them off. However, security experts warn that paying off hackers can lead to more problems.
What's to prevent a hacker from demanding more money or attacking again? Nothing. That's why Typepad refused to pay and, instead, began an overhaul of its servers and software that took five days. With more secure and robust servers, Typepad could outfox the current attack. After the overhaul, its clients' websites were restored.
While that sounds like a happy ending, it's not. Typepad’s customers lost five days of sales and ad revenue and undoubtedly suffered damages to their reputations. Many of these customers will want to be compensated for their losses and may sue Typepad or the IT agency that manages their web presence.
Why Outsourcing to Web Hosting Companies Comes with Risk
InformationWeek's DarkReading site reports on a surprising statistic: 73 percent of WordPress sites are vulnerable to basic hacks. Many users download a WordPress kit and forget to upgrade it. Or they use an outdated one that is already vulnerable to basic cyber attacks.
The widespread use of WordPress has amplified the danger of these attacks. Even sites run by MIT, Penn State, and the National Endowment of the Arts have had their security breached because of WordPress vulnerabilities.
Unfortunately, the low cost of WordPress means that small businesses will continue to use it, even if it jeopardizes their data security.
Why Web Host DDoS Attacks Can Lead to IT Contractor Lawsuits
When you set up a client's website, you assume some responsibility for the site's performance. If the web host you use is slow or has a significant outage, your clients could sue you.
Because DDoS attacks are unpredictable and can affect nearly any business (even ones that use major web hosting companies like TypePad), IT contractors need to protect their company from the risk of a DDoS lawsuit.
Say hackers try the same stunt they used on TypePad, but this time, they do it around the Christmas holiday. The web host has to shut down, and dozens of companies lose their site during the busiest time of the year for sales. Those companies could lose out on a huge chunk of their annual revenue.
Clients can sue you for lost revenue, injuries to their e-commerce reputation, and other damages that come from a web outage.
Errors and Omissions Insurance protects your business when clients file a tech-related lawsuit against you. Your insurance company can pay for your legal bills (and the damages you owe) for lawsuits over…
- DDoS attacks.
- Web outages.
- Client data breaches.
- Data loss.
For a free quote on E & O coverage, submit an online insurance application.