Many website owners think that because their website is small, or they don’t process credit card numbers and personal information, that their website wouldn’t be a target for hackers. We wish this were true. So, why do hackers hack, and what do they do once they’ve hacked a website?
Websites can be compromised for a number of different reasons. Yes, often times a website is hacked to access sensitive data such as credit card numbers, social security numbers, etc. But there are other malicious ways hackers can profit from your website. WordFence recently surveyed over 800 people whose websites had been hacked. According to that survey, these are the most common reasons for hacking:
In some cases hackers replace your content with their own political or terrorist group information. Others simply like to brag that they took down the website.
In these cases, the hacker is advertising what they’ve done for recognition for their cause, or for themselves.
Hacked websites may be used to send email spam. In many cases, this can go on for quite some time before the website owner realizes it. A slowdown in website performance, or a spike in server utilization may tip off the owner, or their host alerts them. This often results in their domain being blacklisted by spam watchdog services, and can affect your email communication and website reputation.
The attacker’s goal in sending spam is to get people to click through to their malicious websites. By hacking your website, they benefit in two ways. First they get to use the server resources for free because you’re paying for it. Second, they are able to send out their spam from your domain and IP address until they ruin your reputation.
There are a number of ways attackers can use your website to improve their website’s search engine rankings. The first is to host pages on your domain (you may not even see these pages in your file or page list), gaining the benefits of your domain rank or reputation.
The second method is to plant links throughout your site to the site(s) they want to give an SEO boost to. A hacker who compromises a large number of sites can gain greatly in terms of search engine ranking. They are able to divert traffic away from legitimate sites toward their own.
Redirects are a very effective way for attackers to funnel traffic to malicious websites. The user doesn’t have to click on a hyperlink or advertisement for it to work, they are taken there directly.
The motive here is simply to drive traffic to their malicious content.
Host Phishing Page
Phishing pages attempt to trick the visitor into providing sensitive information. In some cases they impersonate a bank or retailer and try to get you to give them valuable information like credit card numbers directly. In others they try to capture your username and password to break into various important online accounts, using it for social engineering, phishing, or to steal your identity.
Hackers can install malware that in turn installs malware on your website visitor’s computers without their knowledge. If Google detects that it is happening they will flag your site via their safe browsing program, which will cause your SEO traffic to drop significantly. The adverse affect on your website’s reputation could be significant and take a long time to repair.
Installing malware on hundreds or thousands of your site visitor’s computers gives the attacker direct access to steal information or wreak havoc on them.
Ransomware is malicious software that blocks access to your website and demands that you pay a ransom in return for having your website restored. This type of attack has been receiving a lot of media attention in recent months.
If you don’t have backups that you were able to keep out of the hands of the attacker, you may decide that paying the ransom is worth it.
Host Malicious Content
Hackers will often use your web server to host malicious files that they can access from other servers. They are essentially using your hosting account to store their files for free.
If you use Google Analytics you are likely familiar with referrer spam. Referrer spam is bot traffic to your site set up to look like it is coming from a fake referrer. The spammer is trying to get the website owner to check out where the traffic is coming from, driving traffic to the site.
Attackers get to use your server free of charge under the cover of your clean IP address. Their ultimate goal is to drive traffic to one of their websites.
Keep Your Website Safe
If you thought your website was too small to be of interest to hackers, we hope this information has enlightened you a bit to the motives and methods of hackers.
Following are a few steps you can take to help keep your website safe:
- Follow the tips outlined in our article ‘Tips to Avoid Getting Hacked’
- If your website is on a content management system (such as WordPress) install a security plugin. These will scan your website’s files and alert you if you’ve been hacked, have outdated software, are experiencing brute force attacks, etc.
- Contact your web developer to see if they offer a website maintenance plan that includes performing updates, security scanning and monitoring, and backups on your behalf. A plan that monitors your website can help prevent or stop malicious attacks that can jeopardize your website’s ranking and reputation.