How do you know whether your website’s been hacked?
Published: 20 June 2018
Why would your website be targeted
Contrary to popular belief, it’s not the larger websites that are the prime targets of hackers. Websites belonging to SMEs are frequently seen as a much easier target.
The bad guys want to gain access to your website so that they can hide malicious software that will be automatically installed on the computers of anyone who visits your website. Their goals will typically be one of four things
- To monitor websites visited, record keystrokes, capture usernames, email addresses and passwords and send them to the hackers – enabling them to access bank records, use credit/debit cards and access valuable intellectual property.
- To infect computers and servers with a CryptoCurrency mining tool (such as BitCoin). This could slow infected computers to a crawl whilst making money for the criminals.
- To infect computers with Ransomware to hold your business to ransom so that you can gain access to your documents and data.
- Take control of your PC and add your computer to a “BotNet”, a network of remotely controlled computers that can be used (without your knowledge) to attack websites in order to stop them from working, typically to extort money from the site owners. Think major gambling websites being attacked a couple of days before the Grand National for example.
- Use your PC to host illegal files and unsavoury content so that they can share your computer access details with people interested in such content and so you’ll be the one identified as the host and face possible police investigation and intense media interest.
- Deface popular websites to prove the hack and to post politically motivated “graffiti”.
Who is doing the hacking
Unlike some of the myths perpetrated in the media a couple of years ago, and although some hackers claim to hack “in the public interest” such as Julian Assange and Chelsea (formerly Bradley) Manning, the majority of hackers have moved out of the bedroom and in to the offices of organised crime and other criminal types because there’s a lot of money to be made.
The hackers use tools to scan websites for known vulnerabilities and weaknesses. Running more than 30% of websites WordPress is a prime target although all websites are potentially at risk. It has many vulnerabilities and every time a new weakness is found WordPress releases an update to patch the flaw and to ensure that it cannot be exploited. This is why you need to ensure that your WordPress site is always updated to the latest version (other Content Management Systems have similar issues).
When a website running an older version of a Content Management System is located, the hacker will use the weakness to “break in”. The cyber-criminals will then upload their malware and subsequently ensure that every visitor has the malware downloaded, and installed, on their PC without their knowledge.
Red Screen of Death
When Google discovers that your site has been compromised it starts to flag the issue in Google Search Results – as you can see in the following example screenshot.
If someone still wants to try to visit and clicks the result, Google will then show then the “Red Screen of Doom”
How can you prevent this
The new Bristol IT Company Security Operations Portal (SecOps) has been developed to help you to manage a range of security issues that have an impact on your business, including Web Site Security, GDPR and Cyber Essentials.
Accessing this feature is as easy as logging in to your SecOps Portal
- Adding your domain name in the “Site Configuration” area
- Clicking the green “Scan now” arrow.
That’s all you need to do!
Your website test will be added to the queue and as soon as your site has been scanned for malicious software the results will appear in the “Malware Scans” report.
If your site is hosting malware, it will be highlighted in red – green means your site is clean. Click on the “eye” to see the detailed results of your scan
Later this year we will add more features to the Malware Scan
- Scheduling regular scans
- Emailing Scan results