Why would anyone hack my website? It doesn’t have anything that could benefit them.
We’ve all heard of popular and busy websites getting hacked and private data being stolen - member login data, credit card numbers, and sensitive personally-identifiable data. A well-known example was Yahoo hacked in 2016 - data from at least 500 million accounts stolen. It’s obvious why a hacker would be interested in compromising those systems. But it’s not only top websites that are targeted. All public-facing websites are subject to constant attack.
Maybe your website doesn’t have thousands of login accounts storing sensitive personal data of your users, but there are many other things a hacker can use. Most of which you probably have no idea of.
Hacks on average websites are mainly attacks of opportunity. Attackers don’t target you personally, it’s more a matter of a coincidence. And smaller websites are often more vulnerable.
Cyber criminals use readily available and highly effective computer software programs (known as bots) to poke around the internet and automatically detect vulnerable websites regardless of their size or popularity. Automated attacks make it easy to target more websites, dramatically increasing the odds of success. When these initial probings locate a security vulnerability such as an out-of-date extension, the website is more directly targeted for exploitation.
Within a month of setting up your website hosting account, you will be added to hackers’ crawler lists. Their bots are constantly trolling the internet, testing everything they find, looking for vulnerabilities they can exploit.
So why are they doing it? What can they get from my small website?
You don’t have to be the end target of a hack, but your hacked website may facilitate accessing other people and computer systems.
Gain Control of System Resources
A hacker may be more interested in gaining control of your server to abuse your bandwidth and physical server resources.
- Use your server to send tons of spam email from your email address. Spam emails like this are hard to trace because they come from your server, not the hacker’s.
- Combine server resources into a leasing environment and sell the power of their hacked network to other users.
- Build a powerful network of interconnected systems, used in combination to launch a more powerful attack on a bigger target.
These type of hacks are most insidious because you may never realize they are happening. Your website isn’t affected, it’s running fine with no complaints. Then unexpectedly one day you discover your website or email account is blacklisted, your host shuts you down, your usage bill is astronomical, and your accused of hacking. You didn’t do it, but someone else controlling your system did. And you get the blame.
The hacker makes money, not by stealing from you, but by tricking your visitors.
This takes many forms, but basically they add malware to your website to trick visitors into doing something, and because visitors trust you their guard is down.
They may hijack an existing download link on your site sending visitors to another website that distributes malware. Or they insert a script on your server so visitor download something without even knowing it. These undetected downloads may send users’ personal computer or network information to hackers, allow hackers to use their computer as bots in a network of other hacked computers to launch an attack somewhere, or sell the stolen user information.
Now your visitor is infected and when they find out they may blame you. This happened to my wife while visiting a familiar website. An alert popped up saying she needed to update Flash, she clicked the download link and installed it. But it wasn’t downloading from Adobe and it included malware that messed up the functionality of her browsers and computer. This headache was a minor inconvenience, but it could have been much worse. The malware could have stolen something really sensitive, like the login credentials to her bank account. Not good!
Blackhat SEO spam campaigns
Malware redirects your website to another look-alike phishing site that attempts to steal personal or financial information from visitors. They think it’s your site, but it isn’t.
Links may be injected through your website to redirect visitors to pages that generate affiliate incomes for the hacker. Sometimes you can see the injected links, sometimes you can’t. However search engines like Google and Bing DO see them and end up indexing them into their search results as pages on your website. This can quickly harm your reputation and negatively affect your search engine ranking.
Hackers may place links on your website to improve another website’s backlinks. This common search engine optimization technique assumes the more links you have from reputable websites pointing to your site, the better your site’s ranking score. While this is not always true, particularly if the linking website isn’t about the same topic, the belief in the value of backlinks is what motivates its use.
Another possibility is a desire to damage a website because it is popular and ranks well in search engines, particularly by unethical competitors.
These are the hackers that deface your website with political or religious rants. Or a hacker is showing off to his hacker buddies. Most of these hack types aren’t particularly harmful, but they can be embarrassing for the website owner.
OK, so what can I do about it!?
Read my next blog post “How To Prevent Your Website From Being Hacked” for appropriate precautions and best practices to keep your website safe!
What's your experience with website security threats?
Do you have anything to add? Comments or questions, I’d love to hear from you. Please post your comments below!