Website Security: So You Got Hacked, Huh?
Congratulations. You worked hard, created a great site with what you thought was decent website security, and did well enough that someone maliciously attacked your site and damaged your intellectual property.
You’ve made it to the big time.
And, despite what the movies say, there were no evil green screens full of mysterious code or laughing teenagers wearing VR headsets and rollerblades. The Prodigy didn’t play, nobody downed a can of Surge can and called you a n00b, and no worm made out of bits and bytes ate its way through your banking data.
In spite of what you’ve been lead to believe, it was actually kind of mundane.
What a disappointment, right?
So let’s unpack it. Today, we’ll be taking a closer look at getting hacked, what it means, how you can recover from it, and what you should do to protect yourself in future.
What Does Getting Hacked Mean To The Man On The Street?
Let’s take a look at what it looks like when you realise you’ve been hacked.
You wake up. It’s a normal day. Nothing awful has happened to you…
You visit your website.
The site isn’t acting normally. It could be it keeps linking you away to some cryptocurrency site (as recently happened to us – thanks, Internet stranger!) or someone’s left you a message telling you to look at your server for instructions from them. The one thing these breaches have in common is the breach part – someone came in during the night, opened your fridge, rubbed their bare armpits all over your peanut butter and jelly jars.
Whatever it is, there will be something clearly wrong with the site itself, prompting you to take a closer look at it, at the things that are not working. In our case, it was that we’d suddenly become a portal to something like appz.deeznutscurrency.farm_420#api (not a real site – not a real anything).
The user comes to our website like it’s a destination they’re visiting for digital marketing news. And to get there, they drive their web browser to us like they’re in a car. It’s a nice drive, very boring and simple, and one they’ve done a dozen times before. When they get to our site, though, a hacker in a clown wig and a BitCoin baby t-shirt throws a brick through their window, jumps in the driver’s seat and takes the wheel.
“Move over,” the hacker says. “We’re going to Crazy Town. I’m going to take a dump in your glove compartment, then drive your car into a lake.”
And it’s never anywhere good they redirect you to, either. Nobody ever demolishes your website security and redirects your users to local charities, or videos of cats playing hide-and-seek with dogs. These hackers more often use these hacks to either blindly damage computers for sport, or they’re trying to make money.
More often than not, it’s the money.
And that’s getting hacked. Sound different to what you expected?
What The Movies Get Wrong
All things aside, most movies don’t say much about actual hacking at all.
Furiously tapping away at a mechanical keyboard as 3D polyhedrals full of blinking cursors fly out of your screen is so little like actual hacking, it might as well just be magic.
Web Daytona Director of S.E.O. and resident tech all-rounder, Nika Stark weighed in: “It’s the speed. Whatever they’re trying to hack into. For example, whenever you write up a command for your trojan to carry out, it takes time. It’s not instant like the movies portray. Things could take thirty seconds or things could take ten hours. It’s too fast in the movies, and way too easy.”
For purposes of the new readers, a Trojan is a piece of command code that hackers package and inject into websites that slowly open up backdoors for them to hack into, over time.
The point is, hackers aren’t mystical summoners dealing in black arts. They’re tactical thinkers and strategists who chisel away at your defencxes, looking for weaknesses.
What To Do About It
Depending on the severity of the hack, as well as your own technical capabilities, the solution to your hacked website may be as simple as resetting the site on the server.
A thoroughly disastrous hack will leave its imprint on the server itself, in which case you’ll have to get the administrator of your server to do a reset on his or her side.
For preemptive protection against hacks, we recommend using either Wordfence or Bulletproof security to set up firewalls on your site.
Lastly, be vigilant. Check in with your site on a daily basis, and have a point of contact where users can reach you if they go to your site and discover a hacked landing page covered in dancing Kevin Mitnick cartoons.
Compromised Website Security Can Happen To Anybody
It’s true. Everyone from mom-and-pop websites to Facebook (on two occasions, in fact) gets hacked – it’s a simple fact of nature, like the rain or that weird guy in the clown wig and the Bitcoin shirt from earlier.
The important thing is to react to it as soon as it becomes an issue. And to call the cops when you see that guy approaching your car – there’s something not right about him.
Are we bothered about one little hack? Absolutely – any breach of security is a concern, but there are steps to be taken, both to fix the problem and to make sure it doesn’t happen again. You learn, adapt, and come back stronger than you were before
Interested in learning more about getting the best out of your online presence? Get in touch with us, or check out some of our other great blog posts, today.