February 8, 2024
This is the question most people ask when their website gets hacked. They often have no idea what anyone would gain by hacking their website. They can’t imagine people hacking without a personal connection to them and they think the hack is something against them.
But it’s probably not. Big corporations may be vulnerable to being targeted, but for small to medium websites, the lure tends to be simply being able to use your hosting environment in a parasitic way.
THINK OF A BASEMENT
Think of it like this: you have a house and you live in the above-ground part with electricity and running water and everything else you need up there. You also have a basement where you rarely go (I’m making this up by way of illustration; don’t worry if it’s not an exact description of your living situation). The basement also has electricity and running water. A small group of people who manufacture illegal addictive drugs find your basement unlocked and sneak in and start quietly manufacturing drugs down there. They’re hidden from the public, they’re hidden from the law and they can make drugs using your electricity and water—just as long as they’re very quiet and you don’t happen to go down one day and notice that there are things all over the place that aren’t supposed to be there.
That’s what it’s like having hackers get into your website.
HOW THE HACKERS GET IN
Hackers can get in by all kinds of means, including when:
- You have used weak passwords, easy enough for someone with a password-cracking robot to crack (and especially if you have a user with a generic or guessable name like “admin”).
- You have neglected to upgrade your website’s code or plugins.
- Your host company has neglected to upgrade the server code base that your website runs on .
- Your site has been accessed using an insecure connection that enables hackers to intercept the logins.
- Your site uses plugins that allow zipped file uploads and downloads.
HOW DO HACKERS FIND THE TIME TO HACK?
And how does anyone have the time of day to figure all this out to break into your well-intentioned website?
I remember when I first encountered a hack I had to clean up, I wondered this too. Then I encountered one of the hacks that, once it’s in your website, can replicate itself from within, even when you have re-secured the login access with strong new passwords (I’ve seen files reappear where I just deleted them, happening before my eyes). These are increasingly common—nasty things—and when they’re in a site, they can infect hundreds of folders full of files at once.
Which raises the next question: who has the time to code up these elaborate self-replicating hacks?
LABOR CAMPS FULL OF HACKERS
There was an article in the New York Times at the end of 2023 which shed light on both of these questions. It tells the story of a person who was kidnapped and imprisoned in a forced labor camp in Myanmar where about 70 people were forced to work at online scamming. Apparently there are hundreds of thousands of people who have been trafficked into criminal gangs in South East Asia—many of them carrying out online scams.
The person at the heart of this NYT story escaped after seven months but by the sound of it, escape is rare. But the stories those who have escaped have shared give us the answer to the questions about who could have the time to do all this hacking. It’s probably not people with nothing better to do with their lives. It’s more likely to be people who are in bondage to criminals at a large scale.
And guess what? Your modest website is as good as any place to operate from if they can get in. So your hacker may be an individual, but a hack is possibly more likely to be the result of one of these criminal gangs.
WHAT ARE THEY DOING WHEN THEY HACK MY WEBSITE?
Once they are in, they can do all kinds of bad things, including :
- Host illegal content
- Send spam emails from your domain
- Mine cryptocurrencies using your processing power and bandwidth
- Use your server as a base for spreading more malware to other websites
- Inject spammy links to manipulate search engine rankings for other websites (which will harm your website’s reputation)
- Collect sensitive information your users may enter on your website
HOW YOU CAN PROTECT YOUR WEBSITE FROM HACKS
So buckle up and…
- Change your passwords. Change them to strong passwords like the ones you can generate here.
- Logout all users after you have changed the passwords, just to be sure.
- Keep your website maintained to the highest code-standards.
- Make full backups often if you update your content often (and at least once a year, regardless).
- Keep your backed-up files in a secure place that’s not your actual hosting environment (either in cloud storage or on a hard drive).
- Install firewalls, malware scanners and intrusion detection systems (be aware, however, that if you install trackers to alert you to brute force login attempts the results of this can be as annoying as a security web cam that sends you an alert every time a cat or a squirrel goes by).
Then relax. You can keep hackers out if you do all the things. Just as you can keep intruders out of your basement.