Why Websites Get Hacked?
When you mention a potential hack attack to a new client, in most cases you get the same answers. I call them the “unholy trinity”:
- My sites were never hacked before, don’t worry.
- My site is not that interesting to hackers.
- What would the attacker gain from hacking my website?
My sites were never hacked before, don’t worry
Before September 11th 2001, planes had never hit the World Trade Center buildings. The point is not only that you never know what might happen and should always prepare for the unexpected (if you can, obviously), but also that far stranger things have happened than someone’s website being hacked.
Just because you personally wouldn’t hack someone’s website doesn’t mean that everyone else shares your thoughts, feelings, moral values and life experiences.
My site is not that interesting to hackers / What would the attacker gain from hacking my website?
There are many reasons why websites get hacked. We’ll put them in 3 main categories:
- Financial gain
- Personal challenge
- Hacktivism
Hacking for financial gain
You might think: “But my website has only a few articles/products, I don’t make any money with it!”
That might be true, but it doesn’t change a thing. Your website can still be used for financial gain:
a) You or your hosting provider don’t have a website backup? An attacker can back up your website, deface (visually destroy) the live version and ask you for money in exchange for the working version of your website – yes, that is a ransom. Never thought of that, did you? Well, some hackers did.
b) Your website can be used as an online weapon. Today you can witness a lot of DDoS attacks aimed at websites that stand in the way of someone’s agenda. This can be related to various things, but in most cases it is about business and political competition. In short, DDoS stands for “distributed denial of service”. For example, your website/server is compromised and infected with a malicious script which, together with scripts on other compromised servers, performs the DDoS attack.
In many cases hackers are paid by a third party to take a web service or website down with this type of attack, to serve that party’s agenda. In short, your website can be sold as an online weapon and used as such, without you even knowing it. This can also happen to your personal computer.
We could easily put the “brute force” attack into this category as well. A brute force attack is essentially a “password guessing” attack. If the attacker takes over enough servers and sets up brute force scripts, that is another online weapon to be used or sold to a third-party buyer.
c) Your web server (or compromised PC) can be used to store and distribute various illegal and malicious content: spyware, illegal pornography etc.
d) Black Hat SEO (SEO spam) – Hackers often insert fake SEO information into your website, which you probably won’t even see. This content is not related to the content of your website but to third-party websites, which in most cases are related to (shady) pharmaceuticals, gambling and pornography. In some cases your website might even redirect your visitors to the third-party website, so they may see something they don’t want or didn’t expect to see. Because of that, search engines like Google and Yahoo may block your website from being indexed.
e) Credit card info – Are you hosting a web shop and storing your clients’ credit card numbers on your server? Hopefully you won’t need to explain to them why some (happy) hacker is buying new furniture with their credit cards. 🙂
f) User data such as login usernames, e-mails and passwords, once compromised, can be sold on the black market. A great example of this is the LinkedIn breach, where 117 million user accounts were compromised and the data sold on the black market.
For example, your clients’ e-mails from your newsletter list could be compromised and sold on the black market for spam purposes. You don’t have to be a “big shot” for this to happen on your website/server.
Specific user data can even be used for various identity theft schemes.
Hacking as a personal challenge
Sometimes hacking is done for simple reasons that are not related to finances. It could be done out of curiosity, boredom, for fun, for a bet, for bragging rights or even as practice for future hacking-related “projects”.
Hacktivism
Hacktivism can be related to religion, nationalism, anti-globalism, human rights etc. Most cases of hacktivism are related to page defacements. For example, instead of the original website content, the attacker publishes a message or an image such as a logo or a flag. In some cases of hacktivism, server data is compromised and publicly shared.
OK, it is not that bad. But for a start, you need to realize that the web is not just a wonderful land of endless opportunities. Once you understand that every website can be hacked, you can start to work on protection and good everyday practices to make your site more secure and your clients and visitors happy. 🙂
If you are a developer / system admin struggling with clients who are not aware of this subject, feel free to send them a link to this article and help them understand that their website security is important. After all, they wouldn’t leave their office door unlocked at night, right?
Let us know how you protect your websites in the comment section below. Have you ever had the experience of being hacked?