Hacking - Explained
What do we mean by 'Hacked'?
In general terms, when a site has been 'hacked' , we mean that its functionality has been modified - without authorisation, in such a way as will cause it to perform tasks for which it was not designed. This can apply to a website, computer or any other electronic device or service.
The nature of such modifications is varied: sometimes the system is hijacked so that it becomes a platform for distributing sending spam, whereas some hacking is designed to recover credit card details from an e-commerce site, and to deliver them to the fraudster. This is known as phishing. Very often the site is compromised so that the user unwittingly accesses premium rate sites at significant cost.
Perhaps the most common form of hacking involves the hacker gaining access to the site and planting rogue scripts that will cause the site to malfunction or even close down. This is known as malware.
One of the most distressing symptoms of hacking can be the display of pornographic images on the site, and it is not difficult to imagine how such content can be damaging to a company.
Is it likely to happen to me?
It is difficult to quote accurate statistics for hacked sites because companies are unwilling to discuss such experiences – for obvious reasons. However, a good principle is to assume that your site will be hacked – IE it is not a question of "if", but "when". This is a realistic stance to take as occurrences of hacking of major commercial sites are well documented.
Can I prevent it?
Although it is not possible to guarantee that any site will not be hacked, there are some straightforward steps that can be taken to minimise the chances of it happening.
- First of all, use a hosting provider that knows and understands your type of website. For example, if your site uses Joomla make sure that your hosting provider is familiar with that Content Managements System (CMS). In that way, they will be in a position to provide a resilient environment in which your site will be protected. We recommend that you seriously consider Siteground
- Run frequent scans on your site that will detect any suspicious activity. Ensure that your host provides a firewall that will afford sufficient protection.
- Make sure that the software is kept up-to-date. This involves the principal environment – such as Joomla or Wordpress, but also any thired party components that have been installed. Uninstall any software that is no longer needed: such software can easily be forgotten, and provide an easy point of entry into the workings of your website.
- Backups should be taken regularly and frequently. Just how often this is done will depend on how often the content on your site changes. For example, an e-commerce site will require more frequent backups than a site that contains static information. By taking backups, you can ensure that if your site is compromised, then it can be re-built.
- Choose a hosting provider who understands your Content Management System. We recommend Siteground for Joomla and Wordpress sites.
- Take backups regularly and frequently – both file and database
- Keep all software up-to-date
- Test the integrity of your site by regularly running system scans
- Ensure that you get notified automatically when any suspicious activity is detected.
If you need any help with any of this, do get in touch with us. It's what we do.