How Not to Lose $70 Million from Hackers: Protecting Your Business from Ransomwares with Jamstack and Gatsby

July 26th 2021

How Not to Lose $70 Million from Hackers: Protecting Your Business from Ransomwares with Jamstack and Gatsby
How Not to Lose $70 Million from Hackers: Protecting Your Business from Ransomwares with Jamstack and Gatsby

$70 million - that’s the amount hackers demanded in exchange for the data of more than 200 U.S. firms in a security attack that happened during the recent 4th of July. The White House is now investigating this massive ransomware attack. 

This may be news to you, but hacking and security attacks are a lot more common than you might think.  And if you own a website or do business online, you’re also vulnerable to a security attack like the one in this news.

So how do you protect your business from ransomwares? 

There are a lot of ways to do so just like there are a lot of ways to protect your home from robberies. But we found that arguably the most cost-effective way to protect your business from ransomwares is with Jamstack and Gatsby.

In this article, we’ll tell you the reason why. But first, you have to know about security attacks and how much risk you have.

What is a security attack?

The short answer is, it’s the attempt to breach your website’s security. 

People hack websites for different reasons and the level of horror widely varies from “this sucks” all the way to “absolutely terrifying”.

There are a lot of ways that a security attack can happen. Most common way is to attack your website directly - just like a thief using the front door - in ways like guessing the password, using a false identity or stealing an admin’s password through phishing or click baits. 

Just as there are different ways to attack your website security, there are also different forms of security attacks. And it varies from:

  • something petty as showing off their “cool” hacking skills and painting their name on your website like a graffiti – “I was here”;
  • to something more serious like exposing the weakness in your website security;
  • to more diabolical attacks like misleading your customers to phishing sites to collect their card information, tampering or stealing sensitive data, holding your data for ransom (like the one on the news above), or even shutting down your website completely.

Why is website security important?

As you might start to realize, website security is not only important but necessary for your website. So the right question is not whether it is important, but rather how much security do you need. 

And the answer is – it depends. 

It depends on the value of your data – how much will it cost you if you lose your website’s data - a mil, a grand, just a few bucks? 

Whatever the cost of that loss is, that’s the value of your data and that determines how much website security you need.

The general rule is, the higher the value of your data is the more website security you need, and vice-versa.

Think about it, if you own a bullion of gold bars, you wouldn’t just keep that under your mattress would you? Of course, you’d send them to the most secure vaults in the Alps of Switzerland. 

Exactly the same with your data, the greater risk of loss the more security needed. 

So why Jamstack and Gatsby?

Now that you know about website security and security attacks, the next question in your mind must be, "how do I make my website secure?

To answer that question, a bit of insight on how the system works will help you understand the solution.

Remember that a security attack happens when there’s a breach in your website security. But what do hackers go for when they attack your website?

As you would've guessed, your data. 

But where is your data stored? In a device called, server.  

So when a security attack happens, the hacker’s objective is to get to your server because that’s where your data is. 

To put it in an analogy, the server is like a safe and when somebody breaks into your house, that’s exactly what they’re going for – crack the safe and steal the jackpot.

The Traditional Website Structure - server is owned by the website owner. So, the responsibility and costs of keeping the server the secure also lies with the owner. And thus, making the website vulnerable to security attacks.

But what if there’s no safe to crack in the first place? What if there’s no server to hack? Then, there’s nothing to hack - nothing to steal and therefore, nothing to worry. 

Is that even possible?“ 

No, it’s not. 

But fortunately we have Gatsby.

What is Gatsby?

Gatsby is a Static Site Generator - a tool whose job is to generate static webpages. 

As the name implies, static pages are pages that are fixed - can be delivered as is and without changes. This results in faster loading time and shorter, to almost zero, delay in page display.

 “Okay, Gatsby makes website faster but how does it help my website security?

The answer lies in how Gatsby is able to make websites faster than traditional web app technologies. The trick is in where the data is stored. 

As you now know, website data is stored in servers. And traditionally, servers are owned by website owners - that’s like owning a safe at your home. 

But owning a safe at your home makes your home a target of break-ins and robberies - translated to: hacking and security attacks. 

To make it worse, the general rule was that “he who owneth the server, shall owneth the burden and the cost of keeping thy server secure”. 

And keeping thy server secure costs a lot of money, not to mention, it also affects the speed and performance of your website. 

So people from Jamstack came up with an unconventional solution - get rid of the server.

Jamstack: How Serverless Websites Work

A faster, better, more secure serverless website thanks to JAMstack.

  “How’s it possible to have a serverless website?

JAMstack makes this possible through Pre-rendering and Decoupling.

1. What is Pre-rendering?

Pre-render (a.k.a. Pre-generate) is simply the rendering or generating of webpages in advance.

This happens during the pre-production phase or what is called a “build-time” rather than when it’s actually requested, or the “run-time”, so that your webpages are ready even before somebody searches for your website on the internet..

That’s like you cooking dinner before the kids come home from school so that dinner is served by the time they get home – that’s called thinking ahead.

2. What is Decoupling?

Decouple means to separate the parts of what makes up a website – like building blocks.

It’s the separation of your website’s frontend (i.e. the one that customers see and interact with), from the backend (i.e. the server where your data is stored).

This decoupling of the parts of the website allows for the outsourcing of the traditionally owned server.

And outsourcing removes the responsibilities of buying, securing and maintaining a server from your hands and off to the the service provider you chose. So you can have a website minus the problems of owning a server.

Jamstack Serverless Websites - server is outsourced to service providers like Amazon Web Services or Google Firebase. Thus, the website is able to function as it is but with considerably less vulnerability from a security attack.

By implementing Jamstack and outsourcing your server to services like Amazon Web Services or Google Firebase, you dramatically reduce the risk of ransomware and other security attacks on your website.

That’s like you moving your gold bars from the safe in your house to the heavily guarded and highly secured vaults in the Alps of Switzerland.

However, it's important to remember that there is no such thing as full proof website security.

Even Amazon or Google can be hacked just as the vaults in Switzerland can be robbed – it’s not impossible.

But what are the odds of a successful security attack on Amazon or Google? Now compare that with the odds of a security attack on your server.

How Gatsby maximize website security?

So, using Jamstack and Gatsby to build a serverless website, you effectively protect your business from ransomwares and other security attacks by removing the risk of losing valuable data on your website.

However, removing the server from your website, doesn’t guarantee that there will be no zero attacks on your website. But if someone does hack your website, the damage and loss is reduced to a minimum.

That’s the security Jamstack and Gatsby gives your business.

Bonus:

Building your website with Jamstack and Gatsby won’t just reduce your cost – it will cut down your overall website expenses. Cherry on top, it will improve your website’s performance.

For real.

Disclaimer: The author does not claim to be a security expert. He is a developer who cares about security and has some experience. This post might contain incomplete or inaccurate information. It is your responsibility to properly secure your sites.

Additional Resources:

Ransomware Hackers Demand $70 Million In Bitcoin

How to Build Secure Websites with Jamstack

Security for Modern Web Frameworks

Questions?
Let's Talk!

We’ll help you decide whether Jamstack and Gatsby is right for your business, answer technical questions, help you choose the best approach for your website and more.