Over the past few years we have had the opportunity to assist countless victims of hacking with recovering and securing their websites. Working with these unique situations has given us the opportunity to formulate an understanding of the motivation behind website attacks and develop a solid understanding of the importance of website security and regular maintenance.
The point of this list is to demonstrate that, just because your website doesn’t store credit card info, save personal information about customers or doesn’t really get a lot of traffic, DOES NOT MEAN YOUR WEBSITE WON’T BE HACKED!
This is the worst thing that can happen and it should be your major motivator. An online business has the purpose of making money. If you are going to lose money instead of making them, it means that your online business doesn’t have a reason to exist. Website security issues will make you lose money like nothing else.
Simply Googling the term “Hack WordPress“,” Joomla! Vulnerabilities“, “Drupal Injections“, etc. will provide the ill-intentioned how-to guides teaching them how to identify and inject your website with malicious code, with video tutorials to help make sure they don’t mess up and not hack your site.
It’s been my experience that 85% – 90% of hacks are not specifically targeted at e-commerce sites in attempts to steal stored credit card information (although that is definitely something any e-commerce merchant needs to be very careful about), it’s very common that the websites being hacked aren’t typically what could be considered “high profile” websites, and a lot of hacked websites have been operating without any issue for years.
Hackers aren’t necessarily after the information that would be on your website it’s that
many sites are being built using “standardized” platforms. The most commonly targeted sites are typically also using one of many popular open source CMS, or content management systems (i.e.-WordPress, Joomla!, etc.). While the growth and adaptation of these platforms has helped reface the Internet by making an attractive and dynamic website within everyone’s reach, its also made it easier to hack and exploit unwitting site owner while they are essentially “asleep at the helm”.
This could have a serious impact on your business – resulting in loss of confidential data like client details, site downtime or embarrassing content being placed on your site. Hackers and other malicious third party developers watch release notes. As soon as they learn of a vulnerability, they start exploiting it. New security features prevent hackers from breaking into your website and inserting malicious code. These codes can harm your site and cause it to lose position in search engine results as well. Search engines may even remove your site from their listings or search results.
You might be saying, “Well there’s absolutely nothing on my website, why would anyone bother trying to hack it?” To that question, I would reply, “Because you are exactly who they would be targeting”. Hackers aren’t necessarily after the information that would be on your website, many hacks are made simply to provide a veil of anonymity while opening phishing portals in an attempt to steal personal banking information, and other valuable information from unknowing account holders. Most successful websites are successful because of responsible web maintenance, regular updates, continued polishing, and most of all SECURITY.