Every website is at risk – even yours!
Why would anyone want to hack my little website???
This is a question we’re often asked here at Green Technology Services. In short, there could be any number of reasons from propaganda, competition, data, to even just the shear challenge of the hack itself.
Cyber security is something we take very seriously. All websites hosted by Green Tech are created with WordPress, which currently runs about a quarter of all websites world-wide. Because of its global popularity, WordPress websites are prominent targets for hackers and unwanted intruders, so it is very important to have strong security.
Green Technology Services has multi-layered security measures in place to safeguard and continuously monitor all of our websites. We successfully protect many of the small, local south Jersey websites we host from several hundreds of attacks per week!
Who’s doing the hacking and why?
Although most people may think that a “hacker” is a single person or a group of people, normally that’s not the case. Most “hackers” are actually automated software programs constantly crawling the internet, always looking for a vulnerable website – possibly even yours! A common mistake we see is when people believe a site without confidential or personal data (such as addresses or credit card numbers) is safe. They are still at the same risk of being attacked because the automated “web-bots” don’t simply discriminate.
There are many things that both human and “robo” attackers can do to compromise a website, such as defacing the site or taking it offline, implanting different types of spam, implanting referrer or SEO (search engine optimization) spam, using the site to host a fake page posing as another website (often called “phishing”), distributing malware (malicious software), stealing a user’s data, holding a site for ransom using ransom-ware, or simply messing up a site in any way just to prove that the hacker can do it.
Defacing or disabling a website
If an attacker has successfully taken over a website and is defacing it, they often replace the content already there with content of their own. Many times they put up political propaganda or adult only ads, but it could be content containing any sort of information. While there have been seemingly harmless (and even humorous) hacks over the years, these can be quite costly to site’s owner without proper data backup. This is certain when attackers actually messed up what they were doing and took the site down by accident. Regardless of whether they changed the content or took the site down, the hacker normally does nothing to hide what they have done and anyone visiting the site will blatantly know that it has been hacked.
Referrer or SEO spam
Up until recently, one of the most common attacks was referrer or SEO spam, which directly affected your analytic reports. Google has taken huge steps in curtailing these attacks, but spammers are always working to get ahead of security.
A common way spammers tried to “trick” Google Analytics was by using a “web bot” (automated software) that never actually visits your website, but tries to make it look like your website was being visited through a link on someone else’s website. The objective of these fake visits is to pique the curiosity of the owner of the website so they check out the hyperlink that shows up in the analytics report. This in turn creates traffic to the invading website, helping increase their search engine rankings or worse, taking the unsuspecting victim to a page containing malicious code to infect their computer and subject them to a whole new world of cyber headaches!
Comment Spam
An easy way for unethical parties to try to build links to their own websites is by putting up fake comments on blog posts that include links to the website they are trying to promote. Yet again, these links may take unsuspecting visitors to sites that have malware on them which will infect their computers. Another fall-off from this is that having links to these malicious sites can eventually get your website blacklisted by Google.
Malicious Redirecting
When a hacker is able to insert “redirecting” code, it is a more dangerous than just simply defacing your website. Malicious redirecting happens when an attacker gains access to the website and inserts code that sends visitors to a webpage that has malicious software on it, which then can infect the visitor’s computer immediately.
This process is normally done discretely – and sneakily – so that the hacker can avoid any type of detection. For example, the hacker can make the malicious redirect work only on certain browsers, on specific devices, or only at certain times of the day, and by doing so it makes detection very difficult since it does not affect every visitor.
Phishing
This form of attack happens when the hacker gains access to your website and hides a fake page on your website that mimics another website. These “phishing” pages attempt to fool the visitor by impersonating a bank, retailer, or basically any type of website asking for personal information. They will try to get credit card numbers, social security numbers, login information, etc., directly from the visitor. Fake PayPal or eBay pages are common and this type of unscrupulous behavior been around for almost as long as the internet.
Phishing pages are often promoted with spam emails containing a link to the fake page. These emails, which you are probably quite familiar with, typically state that your account has been compromised and that you should immediately login in and change your password. If you follow the link to the fake page, log in with your actual username and password, you have just given these criminals your login access to your account.
Malware Installation
One of the most dangerous hacks is when the hacker installs malware (malicious software) directly onto the website. Once this happens, the malware can now install itself onto any visitor’s computer without the visitor even knowing it happened.
If the hacker makes it this far and your site begins to infect visitors, Google will often detect it and will actually flag your site as dangerous. After getting flagged, the clean reputation of your website will basically be destroyed, in turn causing a huge loss of online traffic. Not to mention the visitors might well hold you accountable for the malware that has been installed on their computers!
Ransom-ware
A specific type of malware that can be installed onto the site is called ransom-ware. This has been making big headlines in recent months, with some very prominent companies’ computer systems being “held hostage”. This software is installed on the website and actually “kidnaps” the site. It will block all access to the site and will demand that you pay a ransom to have it returned. If this does happen, never pay the ransom because it may not even get the website released, it may just be a way to get more vital information such as a credit card number.
How Green Technology Services Protects Your Website
With all the different ways that a hacker can infiltrate, disrupt and destroy your website and your company’s reputation, the stakes are real. Not only is your website at risk when a hacker gets into it, but the user and all visitors are open for attack as well. Hackers are constantly scanning the web, hoping to find a vulnerable website they could possibly use as an access point.
As previously mentioned, we have multiple layers of protection in place for every website we host. Some of our safe guards include:
- Daily scanning of each website to look for viruses, malware, changes in the core software files or DNS changes.
- Our server is installed with an excellent firewall that blocks many known “blacklisted” internet IP addresses even before they make it to your website.
- There is a secondary firewall installed on each individual website that blocks suspicious activity such as attempts to access hidden or non-existent files, login attempts using incorrect usernames, attempts to impersonate Google, etc.
- We make weekly backups of each website and save 4 copies of backups. These backups are then stored on a different server than the one the websites are on, so if the main server or your website is compromised, the backups remain untouched and we can restore a clean copy of your website within minutes.
- We utilize a double password system instead of the normal single password method, for accessing the control area for your website.
- We have programs running to try to weed out fake comments, especially those with links to websites that might be dangerous.
These are just a few of the ways that we strive to ensure your website is always protected, and if something bad does happen, that we can restore it with minimal downtime and stress.
References:
- https://www.wordfence.com/blog/2016/04/hackers-compromised-wordpress-sites
- https://updraftplus.com/why-are-hackers-interested-in-your-website/
- https://getflywheel.com/layout/why-do-wordpress-websites-get-hacked/
- https://blog.sucuri.net/2015/02/why-websites-get-hacked.html