Large Websites Aren’t a Hacker’s Sole Target.
There are really many reasons why a hacker might attempt to gain access to a small business website, however, most times there is something to be gained by hacking them in the form of cold, hard, cash. While there are some hackers that do it just to say “Look at how l33t I am”, most are doing it as a way to make money.
If you’re thinking, “I just have a small website with some information about my business – why would a hacker have any interest in my site?” The answer is actually pretty simple: Hackers have interest in any site that can be accessed online. Even low-traffic, or micro-niche sites are a target. While dynamic sites and popular content management systems are at a higher risk than static sites, there are many variables server-side that could put you at risk.
Here are a few reasons why your site might get hacked and the general level of severity associated with the type of hack:
- Script-kiddies: These guys(or girls) are the young padawans of the hacker world. They attempt to hack sites for fun, to deface the site or most likely just to tell their hacker-buddies “look what I did”. These types of attacks are “usually” something you can relatively easily recover from, providing you have a fresh backup of your site available.
- Affiliate scammers – These are mid-level hackers. Generally these people have bots that scan for exploitable areas on websites and will attempt to edit your current site’s pages in order to place spammy links on your site to bad-neighborhoods on the web. The links are sometimes hidden and may be hard to spot, but digging through logs can help to find which files were accessed at the time of the breach and allow you to restore them with a backup.
- Website Hijackers – These hackers are the worst and probably what all hackers dream about becoming one day. Website hijackers are in it to win it. Most times they have the most sophisticated bots at their disposal to scan for ways to breach your website or server; once they gain access to your site, they can do all kinds of things to change your website into a spam/porn/gambling/bad-neighborhood type of site. Sometimes even, they use a technology called cloaking, where it will load the site normally when you look at it, but will generate a completely different view for search engines etc. This type of an attack can be something irreversible. Even if you are able to restore the database and pages back to their original, unedited state, the repercussions associated with being black listed by search engines can make it pointless to try.
- Information thieves – This type of hack is generally used to gain information about the web server and if possible the usernames and passwords associated with the website. Once a hacker has this information at their disposal, they can really do anything they want, including all of the above. There are also instances where they have been able to use this data to gain access to billing, merchant accounts and third party systems. The severity of this type of an attack can no only harm your business, but if you are housing any sensitive information in your database, it could also mean a sizable lawsuit for damages to others.
These are just a few of the reasons a hacker might attempt to gain access to your files. A good backup plan can go a long way towards getting your site back to normal in a hurry. I can’t stress enough to backup, backup, backup your files. File backups are like an insurance policy for your website – you should never go without, no matter how simple your site might be.