We are coming to the end of Cyber Security Month, which aims to raise awareness about the importance of cyber security and being safe online.
If you’re a website owner, keeping your online presence secure and up to date should be a major priority. Avoiding website maintenance is like not having regular oil changes and servicing on your vehicle. You wouldn’t drive your car very long if you didn’t look after its maintenance, would you?
Well, the same process is true for your website. Your website should always be live, ready for customers and presenting your business at its finest.
But websites hardly ever get hacked, right?
Wrong. Hacked websites are a lot more common than most business owners think.
Earlier this year, tens of thousands of websites using the Drupal CMS framework were hacked, thanks to a vulnerability in the software. Hackers took complete control of many websites, causing their owners to spend thousands of dollars trying to regain access and recover their files, and many sleepless nights without a functioning website.
More recently, Duplicator, a WordPress plugin used by millions to backup and migrate WordPress sites, recently disclosed a vulnerability which can allow attackers to inject and execute arbitrary code on affected sites.
Even in the past week, our own website has had several attempted attacks on it, with hackers trying to upload malicious files and gain control of the back end. Luckily, our security software protected us from these attacks.
Main reasons why people hack websites:
To promote spam
Many hackers inject code into a website that creates new pages on the site (unbeknownst to the owner). These generally have some kind of advertising on them which they send out to thousands of people, hoping to make sales from. Not only can this hurt your SEO rankings, but these pages can also appear in your search results on Google, tarnishing your reputation.
To steal money
Cyber thieves can digitally steal money from websites with payment facilities, placing banking Trojans or malicious lines of code specifically designed to take money from you.
To steal information
Information is incredibly valuable and hacking a website and getting access to its database can prove very lucrative financially. Hackers may choose to on-sell this information or use private details for identity theft.
To show off their skills
Some hackers like the challenge of getting inside a website and see their work as a kind of trophy. Similar to vandalism, many of them remove the website and replace it with a page that has their “tag” on it.
To ruin a competitor
Sometimes a person may try and bring a competitors’ website down, to give them a tactical advantage. Luckily most business owners do not possess these kind of malicious skills, but it does happen.
How to make my website secure
There are a number of strategies to make your website secure which minimise the risk of it getting hacked, but also allow quick restoration of the site should it ever become compromised.
- Make sure your software is up to date
- Install a quality security plugin
- Setup a website monitoring system
- Regularly backup your website
As a busy business owner, you might think “I don’t have time to worry about all that”.
Luckily, our team offers Website Care Plans so that your most important business tool is looked after for you. If you own a WordPress website, we highly recommend you sign up to one of these plans. If you don’t, we cannot guarantee the ongoing performance of your site.
I’m still not convinced I need to pay for ongoing maintenance
Consider this scenario. You don’t have a website care plan. Your website gets hacked or has some display issue (which is more likely to occur if you’re not on top of software updates and don’t have an adequate security plan). You want it fixed urgently…obviously. But when you contact us, you will go into our queue. Depending on our workload at the time, it may be a number of days before we can look into your issue. You haven’t made a recent backup of your site, so our programming team has to manually fix the issue, removing any malicious code and fixing your broken website. This could take days or weeks and cost you hundreds or even thousands of dollars.
Scenario 2. You’ve signed up to a care plan, so your website software is kept up to date, making it less vulnerable to hacking attacks and display issues. In the unlikely situation that you do get hacked or suffer an issue with your website, we will offer a priority response to your enquiry. Our uptime monitor will likely identify the issue before you, so we can address it incredibly fast. As a ‘Care Plan’ client, you get access to our low hourly rates. And thanks to our daily backups (which are kept securely for 90 days), we can restore your site quickly and effectively.