Can my website be hacked?
The chances are that you will be the victim of a hacker sooner or later. If so, the most important thing is to detect it quickly so you can react promptly and correctly to the incident.
When a house has been broken into, the signs are usually obvious: the forced front door, the broken window, house contents turned upside down, and valuables stolen. In contrast, the hacking of a website is much more subtle and difficult to detect.
Hacker vs Cracker
Whether your website was the victim of a hacker or whether your website was the victim of a cracker are two entirely different things.
Few people will know the difference; however, it is a fundamental one: hackers build things, and crackers demolish them.
The cracker will steal some or all of the content from your website. The hacker will modify the content of your website for malicious purposes. We will only cover hackers in this article.
Did you know?
The hacker ethic – Steven Levy, 1984
- Access to all computers should be illimited.
- Information should be free.
- Mistrust authority—promote decentralisation.
- Hackers should be judged by their hacking, not criteria such as degrees, age, race, sex, or position.
- You can create art and beauty on a computer.
- Computers can change your life for the better.
Source:
Wikipedia
So why do hackers do this?
A hacker’s motivations are diverse:
- To set themselves with a challenge: to prove capable of it.
- To have fun: ridiculous though it may be, it is a fun activity for them.
- To Increase their network’s power: they will use your site’s server and many others to launch a large-scale attack later.
- To withdraw money: the hacker sets up blackmail by explaining that after paying a certain sum of money (which will have to be settled in bitcoin, which has the advantage of being untraceable), he will return your site to its original condition.
- To exploit confidential data: making your data accessible to the public (especially if the data is sensitive) or selling the data to your competitors (industrial espionage).
Types of hacks
- Targeted and manual website hacking
A targeted hack is carried out by a person or a group of people and directly targets a site. A small or medium-sized business is rarely faced with this type of attack. - Bot hacks
This hack is more organised and larger. Some hackers develop software programs to analyse and exploit the security vulnerabilities of several tens, hundreds, or even thousands of sites – and all at the same time.
How do they get in?
- Weak passwords
This is the simplest method. Hackers can use techniques to guess passwords by trying multiple passwords until they find the correct one. - Insecure themes and plug-ins
Outdated and unpatched themes and plug-ins are very often the cause of website security breaches. - Social engineering
Social engineering is manipulating people to make them do something specific. For instance, sending emails asking people to give information.
Your website is likely to have been hacked if:
-
- Some strange content has suddenly appeared on the website.
- Your site is abnormally slow and/or develops bugs.
- A sudden drop in website traffic.
- Suspicious user accounts in WordPress.
- Your site redirects to questionable sites.
- Your browser warns you that your site is potentially malicious.
- Google has notified you that your site has been hacked.
How do I know for sure?
There are a few ways you can check if your website has been hacked.
Check your files
If you are familiar with code, the first thing to do is to check your website files. Most hackers attack websites via .htaccess, .php or media files. Hackers can insert hidden links or code in those files. Searching your site for “base64” is a good way to find them.
Use security tools
- Google Safe Browsing Checker will scan your site and inform you of any suspicious activity. Paste this URL into your browser and amend yourdomain.com with your website address.
http://www.google.com/safebrowsing/diagnostic?site=yourdomain.com - Google Search Console will provide you with essential metric tools and checks to determine your website’s health.
- Sucuri will check your website for known malware, viruses, errors and malicious code.
- Plugins. Our favourite is Wordfence.
It is hacked! What do I do now?
It depends significantly on the backup and prevention work you have done before. Hacking is sometimes harmless, and only a single file is affected. All you have to do is clean the file, and everything returns to normal in a few minutes.
Unfortunately, most hacks touch many source files. It is challenging to clean the site up if you are uncomfortable with coding. If you have a “healthy” backup of the site (before it was hacked), you can reinstall it. However, you will have lost any modifications made since the backup. You must proceed with meticulous patience if you do not have a backup. Get the log file from your host, which stores and dates all attempts to access your site, and the modifications will – most of the time – allow you to locate the infected files. If your database is infected, it will be tricky to flush out the hacker’s additions and clean them up.
Will my site be safe once it’s cleaned up?
Viruses are like invasive plants. Suppose you overlook a small element of them during cleaning. In that case, they can continue to harm your website or even manage to reinstall themselves completely. Furthermore, suppose you reinstall the site from a backup or clean the infected files. In that case, your site is then in the original state, which allowed the hacking initially. A new attack will have the same consequences.
To limit the risks, it is important to:
- Change your passwords regularly
- Apply updates to your CMS (Content Management System), whether it be WordPress or any alternative
- Update or remove vulnerable plugins
- Check your code. You can use this website.
- Install security plugins
- Install a backup facility
- Keep monitoring the website
The consequences of a hack
Depending on the complexity and objective of the hacking, the severity will not be the same.
Generally, It is impossible to say an attack’s direct or indirect consequences. Still, owners of pirated sites must always be ready to face these main consequences:
- The cost of cleaning the website
- Loss of trust from the users
A hacked website does not present a good company image. Your reputation will take a hit. Even worse, users will not dare to browse or order from a clearly hacked site. - Drop-in search engine rankings
Google sees everything! A hacked page often contains malicious code that spreads malware. If Google recognises it – and you do nothing about it – your page will be blacklisted. When users visit the website, a security warning will appear for them to see. It can also damage your position in the search engines (SERP). - Loss of personal or customer data
The hackers most probably gained access to your database and, therefore, had access to your data. If you run an e-commerce or membership website, they have probably got hold of all your contact information as well. Remember that with data protection legislation, you are legally responsible for the personal data collected from your customers, which cannot be disclosed for any reason without their consent.
Please note that hackers will go for any size website. Just because you have a “small” site doesn’t mean you shouldn’t be actively concerned with its security. Finally, the attacks are commonplace if you are running a WordPress website. WordPress is a very successful CMS (W3Techs report a total of 35.2% of all websites on the internet using WordPress in 2019.) and, therefore, highly targeted by hackers.
Don’t panic, though. If you ensure your website is properly maintained and that you are using strong passwords whilst using a reliable security plugin, the likelihood is that it won’t happen to you.