I deal with hacked websites all the time, and the first question clients ask is “why my site?” The sites in question are always small businesses, often local, and their owners don’t understand how a hacker even found their site.
What Hackers are Looking for When They Hack a Website
According to David Anderson, founder and lead developer at UpdraftPlus, hackers are looking for three things:
- Free Computing Power
- Ability to Churn out Spam
- To Serve Up Viruses
The scripts that hackers install on a hacked site let them do some combination of those three things. But how do they decide who to target?
Who and Why Hackers Target a Website
- Geopolitical Hackers (nation states/hacktivists) choose your site because they don’t like what you represent or where you live.
- Retaliation Hackers don’t like what you have to say.
- Financial Hackers are looking to make money by taking your stuff or serving up spam.
- Opportunity Hackers do it just because they can. Your site or hosting was insecure so they exploited the opportunity.
How Hackers Find a Website to Target
Hackers have access to a multitude of tools and bots that they can send out to find specific vulnerabilities in websites and hosting companies. One kind of bot targets WordPress installations and runs through a series of tests, looking for vulnerabilities that may be present if the website owner has not performed updates. Another kind, which I have experienced myself, identifies a WordPress installation, and then the hacker attempts a brute force attack: an attempt to guess your username and password to gain control of your site.
The Problem May Be Your Hosting Company
One client used a small hosting company because they were local and cheap. The client had an awful time with their site being attacked and the home page replaced by Islamic jihadist propaganda. The site was a simple brochure site, without even a form, and I’d changed their FTP credentials multiple times. The hosting company swore it was something on our site allowing access, but a quick Google search showed many of their users complaining that their sites were being hacked. We switched hosts and the client has had no trouble since.
How To Stop Hackers
There are as many ways to protect your site as there are ways to hack your site. There are a few things you can do to lessen your vulnerability:
- Change your FTP and hosting passwords often; a minimum of quarterly is recommended.
- Don’t use “admin” as your admin name. Choose an admin login name just like you would a password, with numbers and characters as well as letters.
- Use a complex password of at least 9 characters, including letters, numbers and characters (!%$, etc.).
- If you use WordPress, change the name of your wp-admin folder using a plugin like iThemes Security. Don’t just change the folder name – you’ll break your installation!
- If you use forms or other places where users enter information, make sure your back-end code validates and scrubs everything that is entered.