Why Would Someone Hack My Site?
Security Warning – Your Website is at Risk
What makes your business hack-worthy? No matter how small or obscure your business may be, we’re all targets for hackers. “If you have a computer, mobile, device, an online account, email address, credit card or engage in other type of online activity, you are worth money to cyber criminals,” Eric Conrad with the SANS Institute explains. More business is conducted online each year, including purchased via a website and data stored online used by brick-and-mortar establishments, like credit card numbers and customers’ personal information.
While there is no sure-fire way to prevent a hacker attack on your website, understanding the types of attacks can help you to better prepare should your site be compromised.
The Targeted Attack
A targeted attack means that your website is the final destination for the hacker. Small businesses are not the victims of targeted attacks very often because it is not very economical for a hacker. They make out much better going after data-heavy sites of larger corporations. While small business attacks are somewhat rare, do not be lulled into a false sense of security. Semi-targeted and untargeted attacks can still happen to small businesses.
The Semi-Targeted Attack
During a semi-targeted attack, you are targeted but are not the final destination. If your website is stored on a server with many other websites, a hacker might use your website to gain access to other, often larger, sites on the server. Being the weak link in the chain can mean that your site is the perfect stepping stone in a semi-targeted attack.
The Untargeted Attack
Remember that hackers do what they do for money. According to the SANS Institute, “cyber criminals know that the more credit cards they steal, the more bank accounts they hack, or the more passwords they compromise, the more money they can make.” While a hacker can make a lot of money by hacking a larger corporation, it may be easier for them to hack several smaller sites. Hackers can use search engines to find websites to hack. Websites with weak passwords are especially susceptible to untargeted attacks. Hackers might also use your site to infect your users to gain access to much more data.
Encrypted information is no match for hackers. As you have probably seen, Target and Neiman Markus are the latest in large-scale hacker attacks. They most certainly had their customer information encrypted in some way. However, there are programs available to or written by hackers that can easily decrypt this information.
Protecting Yourself a Hack
Many small businesses don’t store user information on their own servers. Instead, they use a service like PayPal or another payment management company. This takes the burden of responsibility off of the shoulders of your small business and places it in the hands of a larger company with the money and resources to handle the security necessary.
Strong passwords may seem simple, but they can be a deterrent to hackers. The top password is still password! Hackers know this and use it to their advantage. Your password should contain a mix of numbers, letters, and special characters. Websites that you frequent aren’t the only place to think about password strength. You should also secure your home network WiFi access point with a strong password – especially if you work from home.
Know which devices are connected to your network. Keep those devices updated. This will help to ensure that there are no security flaws in the operating system or software for each device.
It is also a great idea to create a backup schedule. Many small businesses do not back up their websites. With no backup in place, it will cost a lot of money to rebuild the site to what it once was. Backing up your website is a money saving measure that takes relatively little time each month. It is not wise to rely on your host to back up the site for you.
Keep tabs on your financial statements. The SANS Institute recommends checking statements once a week for suspicious activity. If you notice something out of the ordinary, alert your financial institution immediately.
In addition to the actions you should take care of on your own, having a reliable host can help to protect you from attacks. Quality servers have the latest in firewall and security features. In addition, experienced web designers make sure that security features are built in to each website design.