Website hacking is an unfortunate reality in today’s cyber-driven world. And whether the site is for a mega multi-national corporation, a mom-and-pop e-tail site or just a personal blog, the results can nevertheless range from mildly annoying to financially devastating.
To understand just how prevalent website hacks are, consider these statistics: best guess estimates show that there are nearly one billion sites currently active and, according to Internet giant Google, anywhere from two to five percent have an “Indicator of Compromise” at any one time. That’s 20 to 50 million sites that are suspected of having some level of infection due to a perceived or successful hack.
What’s the motivation behind most website hacks? Tech security experts all seem to agree that the largest driver is economic gain. Plainly stated, these attacks are designed to make money from your personal audience through malware infections that target bank accounts, credit cards and other personal financial information.
However, there are other motivations for attempting to hack a site: attacks of opportunity usually take the form of mass “black hat” assaults that seek to exploit a flaw in a particular operating system, email platform or some particular plug-in program. Simply put, hackers undertake these efforts simply because they can. Likewise, many hacks are initiated in order to take control of resources such as bandwidths and physical servers.
So what do need to worry about if your site gets hacked? The first step is to call in some form of tech support from your server-hosting provider or, if you had your site professionally built, from your developer or designer. Provide them with as much information as you can: logins, passwords, user names, custom software you may have installed and any backup resources that can help them recover your data.
Also, once you’ve confirmed a hack has occurred take your site offline by accessing your hosting control panel and immediately password protect the main directory: this will block visitors while any damage from the intrusion is being fixed. You should also scan your computer for any and all viruses and malware using a detection software utility such as Norton.
One thing you should absolutely be worried about is whether or not any of your visitor’s personal information was compromised, which can be done by inspecting any damaged files. Whether the hacker was attempting to steal user’s data, mar your reputation or simply let you know that your site is vulnerable, understanding the motive behind the attack can help you protect yourself once your back up and running.
Once your site is one hundred percent functional and virus- and malware-free, be sure you change all passwords once again, back up the site and confirm that any installed extensions or plug-ins are running on the most current updates and versions. And don’t be afraid to keep in close contact with your website professional or any service you used to scrub your site clean: if your site was hacked once, it’s more likely other attacks are coming, especially if you haven’t put in place the proper fixes to prevent another onslaught.