You might have just got your new website done or it might have been a couple of years since you updated it but you either find out by yourself or someone contacts you to let you know that your website has been hacked.
This post is brought to you by my Free Cybersecurity Newsletter which you are free to share with your own networks (powered by Mailchimp).
Hacked? But why?
For attackers, your website is a quiet place to set up shop and upload a file that serves as another webpage (usually a form to gather login credentials) that works as a part of a phishing or spearphishing campaign.
It is automated and indiscriminate so looking to point the finger at your competition or some malicious person will usually lead to dead ends. Right now, you need to focus on getting back online.
How did this happen?
Simply because you allowed it to be left open to constantly evolving attacks. Websites and the webservers that provide them are not a set-and-forget proposition.
Just like your desktop computer needs to have the latest updates applied so does your website and webserver.
So what can I do?
Best way to address this is to restore from a known good backup. You keep backups right?
Failing that you will need to have to hunt down the changes made by the attacker and remove them. This is not easy as attackers often try to bury what they do to make it harder to find and remove.
Look for unfamiliar users on the website (if you allow this), try to search for files that look out of place and see if you can remove it. Times like this, having an excellent webmaster really pays off. A lot of the cheaper webmasters at this point struggle to grasp the inner workings of your website even though they made the website.
In most cases however, people opt to simply redo the website for a variety of reasons (can’t find webmaster, website is old and due for an upgrade anyway, limited budget to find and correct the problem, no backup etc).
Once you have cleared the problem you will then need to request a review with Google. The full run-down on how to do this can be found here. If you are not comfortable with messing with the back end of your website it is well worth the few dollars it will take to get a competent professional to get this done.
Keep in mind that this process could take between a day or two to several weeks depending on what happened to your website. (https://developers.google.com/web/fundamentals/security/hacked/request_review#4_wait_for_the_review_to_be_processed)
How can I stop it?
The ways in to a website are numerous but staying out of reach of the bad guys is not complex as you might think. By applying the basic cybersecurity practices we use in our day to day lives to our web servers we can avoid being the low hanging fruit.
Backup, backup, backup : You know you should so what is wrong with taking a backup of your website on a regular basis? It can be automated with most web hosts and you can get into the habit of taking a backup before making any changes to your website. Just a few minutes can save you thousands in lost sales and recovery costs.
Update regularly : Your webserver and website software rely on millions of lines of code in hundreds of software components and this code requires updates as vulnerabilities are discovered by security researchers. Checking for and applying updates will go a long way to reducing the risk of attackers getting a foothold in your website.
Consider a CDN : CDNs or content delivery networks are services that can help prevent attackers from directly accessing your website by caching a copy of your website to not only give faster load times but can also protect your site from automated attacks.
Cover the basics : All of the countermeasures above mean nothing if you protect your online assets with weak passwords and sloppy security practices.
Get comfortable with using secure passwords (a password manager helps tremendously) and employing 2FA where available. These basics are covered in my short Cybersecurity for Everyone Series as listed below.
101 : Passwords
102 : Password Recycling
103 : Password Managers
Taking it to the next level
Employing someone who understands cybersecurity to keep you up to date of looming threats is going to give you in most cases an edge over attackers as it can take days to weeks for them to exploit these flaws. Something like subscribing to my Free Cybersecurity Newsletter which you are free to share with your own networks (powered by Mailchimp).