Have You Been Hacked? Keep Calm and Go Through This Comprehensive Guide

When you discover that your personal information has been hacked, your first thought may be, why me? Why couldn’t it have been someone else? In truth, you might have fallen victim for a reason, perhaps a weak, easily guessed password, or a too-public social media account. But it’s just as possible that hackers got access to one of your accounts through a data breach and parlayed their access into a full-on hack attack. Either way, they’ll try to make money from their unauthorized access, and they may well do it before you even realize anything is wrong. What can you do when you realize that you’ve been hacked?

We have talked about the importance of your website to your business, gave you a couple of practical design elements to put you on the right track, and of course, talked about how you can promote it. However, another crucial aspect deserves special attention, and that’s the security of your website. Although your website’s security is probably the last point of your to-do list, you shouldn’t underrate it. If you had a physical store, you would definitely install a security system or even hire special security personnel, right? 

Why Should You Care About the Security of Your Website?

Your website is your digital store, and you need to dedicate proper attention to its security as well. The world is changing on a daily basis bringing new threats to your business. If someone robbed your physical store, you would lose that day’s revenue. However, in the case of your business website, you have much more to lose, including your company’s information, your consumers’ personal information, and finally, your digital presence. According to Hiscox the median cost of a cyber attack increased from $10,000 to $57,000 in 2019. So, this will require a lot more time and resources to recover, which is obviously the last thing you need for your business.

You can find many articles about cyberattacks on big players such as Apple, Burger King, or Facebook. Nevertheless, hackers are not targeting large companies only. Paradoxically, small businesses encounter unimaginable threats of being hacked, too. A recent study conducted by Symantec found that about 36% of all cyberattacks targeted companies with less than 250 employees. The reason behind this is quite evident. According to the National Cybersecurity Alliance, 69% of small businesses lack a cybersecurity plan, creating favorable conditions for hackers to steal sensitive information and data.

43%

of cyber attacks target small businesses

39s

There is a hacker attack every 39 seconds

3.9m

The global average cost ($) of a data breach across SMBs

300%

Since COVID-19, the US FBI reported a 300% increase in reported cybercrimes

Why Would Someone Want to Hack My Website?

There are a lot of reasons why programmers hack websites. Some of them may even do that just to practice, however, below you can find the two most common motives.

1. Acquisition of data and personal information

There is a high possibility that the hacker is trying to access your database with your clients’ personal information. This may also include credit card details and social security numbers. You can find similar sensitive information for sale on the darknet. So, your website’s security should be your number one priority, especially when you have decided to launch an eCommerce business.

2. Spamdexing

Hackers use Spamdexing which is a black hat SEO technique to manipulate search engine rankings and promote their suspicious products or services through your website. For instance, if you’ve ever come across a clothing website selling medications, that’s most probably spamdexing at its finest. However, some innovative programmers just upsell products that are linked to the hacked website, making it harder to detect the breach. So, Spamdexing is the practice of hacking a normal website and injecting keywords and links that direct people to the web property they want to scam them with. With this, they generate a lot of revenue and, in turn, destroy your website. According to Incapsula, this is a 431 billion dollar market. Remember that if Google detects a use of a black hat SEO technique on your website, it will ban you. This is definitely something you want to avoid.

How Did Someone Hack My Website?

Firstly, you should keep in mind that the one hacking your website is probably not an actual person but a crawler created by the hacker. If your software is out of date and you’re not using secured hosting, then you are very likely to become a target of a cyber-attack.

So, if you got hacked, it is because the crawler detected in your site the specific vulnerabilities it was written to look for. Thus, don’t rush to feel special. It’s just a great signal that you should start paying proper attention to the security of your website.

Why Did the Hacker Succeed?

If “My website has been hacked” is your preferred way of saying good morning, then make sure that your website has at least one of these two pain-points:

• Your Content Management System and plugins are not up to date. Updating your website is necessary to make sure that the version your website runs on doesn’t contain any bugs. According to Sucuri.net, in 2019, 56% of hacked websites used outdated CMS applications. So, if you launched a website and completely forgot about updating it, your website will contain well-known security holes which the crawlers will detect and exploit. Therefore, if being an easy catch for hackers isn’t your number one priority, keep your website UP TO DATE.
• If you are looking for another way to please your hacker’s greedy taste buds, we would suggest using insecure hosting. If you store your consumers’ information on your server, you should make sure that your server is secure. Otherwise, you will be easy prey for stealing personal data and information. Besides, as you remember we have discussed the importance of Email Marketing to your business and explained why you should use it to promote your brand. However, remember that your server actually hosts your emails . So, insecure hosting creates favorable conditions for unauthorized users to access all of the information contained in those emails.

It is primarily due to the aforementioned issues why programmers successfully hack your website. Therefore, if you think something is wrong with your site and you have any of these vulnerabilities, don’t even ask yourself: “Have I been hacked?”

With such pain-points, there is a very low probability that you haven’t.

So, take care of your website’s security. Your consumers’ personal information and the credibility of your company needs to be taken seriously.

MY WEBSITE HAS BEEN HACKED! WHAT SHOULD I DO?

If your website has been hacked, first and foremost, don’t panic and be quick. In this case, you simply cannot afford to be sluggish. If you act slowly, you will give Google time to identify your website as malicious and blacklist the latter. For your information, Google blacklists about 9,500 websites per day. Being on Google’s blacklist is not on your wishlist, right? Also, keep in mind that in case of detecting malware on your website, Google will automatically warn your visitors that it contains malicious codes that can potentially harm their computer/gadget. This will X out your company’s credibility, and most probably, the majority of your audience won’t return to your site.

It’s time to take some notes! Now when you know that panicking won’t solve your problem, let’s see what actually will. Below we will go over several practical steps you should take to handle a cyberattack and get your website back.

1. Contact your web developer or host

Firstly, if you are the owner of the website, reach out to your web developer or host as soon as possible and describe the situation, including as many details as you can.

2. Install a maintenance plugin

If you have access to a Content Management System, you should log in and install a maintenance plugin. For instance, if you are using WordPress, then go through the following link to learn what maintenance mode is and how you can install it.

With this single action, you will solve two problems. First of all, you will save your visitors from getting affected by any malicious code resulting from the cyberattack. Secondly, Google won’t put any warnings on your site, and you will have enough time to solve the issue without getting blacklisted.

3. Scan your computer

There is a possibility that the cyber attack source came from your machine’s local environment, such as Desktop. Many hackers would steal the login information right from your local environment to access your website as usually the owner would. So, scan your computer thoroughly and make sure to clean it up from any possible malware or viruses. The following link may be handy in the process of catching nasty viruses.

4. Try to detect and decode the malicious codes in your files

Many hackers practice obfuscation as a smart technique to hide the original code applied by the hacker, turning it into something illegible. There are various obfuscation techniques which include Base64, ROT13, XOR, etc. So, use decoding scripts to find out what kind of attack/code you are going to deal with.
P.S. You can use the following platform for Base64 decoding.

5. Check the footers, headers and file permissions

There is a high possibility that it’s a Javascript frame injection attack. Thus it is vital to check the headers and footers. Furthermore, although your permissions may vary based on your server and PHP handler, make sure that they are not set to 777.

6. Change your passwords and secret keys for WordPress

Don’t forget to change all your passwords for FTP / SFTP, WP-ADMIN, CPANEL, or other administration panels. Remember to use complex and unpredictable passwords. We would also highly recommend you consider using two-factor authentication.

If you are using WordPress, then you should also change your WordPress config file secret keys. This step is essential to make sure that you have encrypted and unpredictable passwords. Click on the link to learn more about dealing with a hacked WordPress website.

7. Update your themes and plugins

After getting rid of the virus, update all your themes and the CMS. Run a well-rounded inspection to make sure that all the affected parts work smoothly.

Forensics

Once you have successfully cleaned your website from malware, it is important to analyze why it happened at all. To understand why the hackers could succeed, you should analyze and investigate the pain-points of your website. Once you find the vulnerable sides of your site, you will be able to avoid future attacks. This requires special skills and knowledge. So, if you are the website owner, you may face some trouble conducting the investigation. However, if you have access to the essential metadata, then you can use the following platforms to run the analysis:
OSSEC: A scalable, multi-platform, open source Host-based Intrusion Detection System (HIDS)
Splunk: Cloud-Based data platform for cybersecurity

Still not sure if we’re the right fit?

Why not try our services for free before you commit? Click here to apply for an up to 10 hour no obligations free trial of our services!

Learn More

Final thoughts

In short, today’s digitalized reality creates new threats to your business. If you thought that having a website doesn’t require proper security measures, let me disappoint you. On average, about 30 thousand new websites are being hacked daily. You most probably don’t want to be on this extensive list, right? So if you don’t want to experience the “have I been hacked?” feeling ever again, please pay decent attention to the security of your website.

• Take care of your website, and don’t leave it for months without any updates. Contact your web developer and make sure that your website gets proper updates on a regular basis.
• Make sure that you are using secure hosting. If you have any doubts, don’t be sluggish and contact professionals to get a hosting examination.
• Check the performance of your website using website monitoring platforms such as Pingdom. If you are experiencing slow rendering and performance, then it can be a signal of being targeted.
• Install good anti-virus programs on your computer to keep your local environment safe.