Why Would Hackers Target MY Website?
This is a question I hear a lot, especially from new or potential clients. Why would someone want to hack MY website? And I know what they’re thinking: The image they’ve usually conjured up is a 30-something sitting in his mother’s basement, eating leftover pizza, triumphing over his hack of the Smith Law Firm website (or whatever the business is).
The reality, though, is that most of these hacks are done by bots, targeting thousands of websites randomly. A human hacker doesn’t have the time to identify you directly and doesn’t need to… His bot minions do the work for him.
But first off, I just want to be clear: If you get scared, at any point during this article and are a client of ours, don’t worry! Jump straight down to see what Crash does to protect our websites!
There are plenty of reasons a hacker would want to hack your website, even if you serve a small local niche, or don’t really sell anything online. What they really want is your visitors! They don’t have another way to specifically target those people, so they use your website to reach them. They don’t care if you get 100 hits a month or 1,000,000… Their bots are doing all the work.
But what does that really mean? Here’s what we know.
What hackers gain from hacking your website
This is not as common as it was 10 or 15 years ago. Hackers would write a program to infect sites, and simply put their ASCII art, name, and tagline on the site. This was mostly harmless (but annoying!) and usually easy to fix if the victim had a backup. Today, hackers don’t waste as much time with this tactic, especially when there is plenty of money to be made, but there are still bots out there that simply seek to destroy your site and cause you headaches.
This one is a lot more common. Basically, hackers will infect your site in a way that you never even notice until your hosting provider sends you a stern message about spamming people with emails asking them to visit certain pages on your site. I’ve seen a few of these emails from confused clients using their own hosting provider, and it always leads to website hacks.
These pages are hidden and often promote products like Viagra, supplements, get-rich-quick schemes, and other similar products. The reason is hackers love to use email spam to promote their sleazy products, but email providers are smart: If they see a link in an email from a known spam site, they filter that message out before the user ever sees it. So hackers got smart and learned that if they send a spam email linking to a page on a different (victimized) domain, email providers wouldn’t notice and would deliver the email as normal.
Powerful and useful information flows through websites that hackers would love to have. Yes, this can include credit card information, but email addresses and user passwords can be as, or even more, valuable to a hacker. Hackers love to place malicious code on your site that silently gathers user info for them to use in their other endeavors.
This is the worst of the worst for you and your visitors. Hackers inject malware into your site so that when visitors come to, say, your pricing page, they are hit with an automatic virus download. Usually, the download name is disguised as something useful like “security_utility.exe” or “speed_booster.exe”—but once it is installed, it will completely take over a computer system.
This is the worst type of hack because not only do you have a hacked site, but you are also playing damage control, helping visitors and customers clean up their systems and attempting to regain trust. This is the type of hack you read about in the news.
This doesn’t happen as often because it takes a bit more manual work and can get a hacker on the FBI’s radar. A ransom attack involves a hacker altering your website in a way that there is no way you can recover it. They will then call or email you and demand anywhere from $50 to $1,000,000 in return for your unlocked data. In most cases, a hosting provider can just restore a backup and block access, but there are times when this type of hack causes real harm. Victims of ransom hacks are usually larger corporations, and the hackers demand cash or threaten to release customer info.
What does Crash do to protect your website?
Whew. So now what? What can you do about all of this? Well, the two biggest things are for you to keep your software up-to-date, and to monitor changes on your site. Just those two things can be big tasks, especially long-term, and that’s why a lot of clients find our monthly care plans really useful.
Here are some things we do to protect your website.
Auto-Filter Identified Malicious Traffic
Because hacking is so ubiquitous across the web, there are networks that monitor users for certain actions that tip them off as hackers. These identified hackers are then put into a constantly updated database that we are connected to, and instantly block these users. They never have an opportunity to poke around on your site to see what they can do.
Temporary Ban on Failed Login Attempts
A lot of times hackers will attempt to log in to the site and use a database of common passwords to see if they can get in. (PSA: Any form of “Password” is on that list, even “P@$$w0rd”… Yes, a lot of people still use those.) Once a hacker has tried a certain number of failed logins, they will be blocked for a short time. This is usually enough time for them to move on and try another site. If they try this again the next day, they are blocked until someone on our staff manually takes them off of our blacklist.
Weekly Software Patches and Updates
Out-of-date software is the most common vulnerability that hackers exploit, so we update and patch our software twice a week.
Brute Force Protection
A tactic hackers often use to find and exploit vulnerabilities is to pound a website with hundreds of visits a second, checking for different ways to get in. Our firewall constantly monitors this and instantly blocks any brute force attempts.
Manual Change-Log Scanning
This is the most mind-numbing, boring line of defense we have, but it is one of the most important. If there is a change on your website, whether it’s a new file that is uploaded or a period that is added to a sentence, someone here manually checks that change log to make sure it is not something harmful to your website. We have never had an issue reach this level, but it is still very important in case something ever slips through.
We do daily backups of every site, just to be sure we have a clean restore point. All backups are kept for 90 days, giving us a clean restore point if needed. Again, we’ve never reached this point for hack repair, but we have the option if it is ever needed.
Should you be worried?
Okay, with all of that said, should you be worried? The short answer is no, don’t be worried, but do be informed. If Chase Bank can be hacked, so can you. The important thing is to be vigilant and know that this can happen. Keep an eye on your site and update site software, or employ a professional to do it for you.
If your website has been hacked, or if you would like to find out more about our website hack repair services, contact us today.