Your digital security is crucial because, like athletes, hackers are stepping up their skills. According to TechRadar, the average breakout time (the time a hacker group takes from gaining initial access to a victim’s computer to moving laterally through its network) is now 84 minutes (14 minutes down from 2022) and the tendency is to just keep getting faster. Scary fast!
Plus, the 2023 CrowdStrike Global Threat Report claims that hackers are using more sophisticated techniques such as social engineering (manipulating people into giving up confidential information) and taking advantage of software vulnerabilities – without leaving traditional traces of malware behind.
A compromised site faces far more than just downtime – it can be a goldmine for cybercriminals and a minefield for you. It can lead to serious business issues like:
- Operational disruptions (payment processing failures, supply chain interruptions…)
- Reputation damage
- Intellectual property theft
- Loss of customer trust
- Full-blown business shutdowns (we mean permanently!)
So… is playing with fire worth waking up one day and finding out you’ve lost everything you’ve poured your heart into? Chew on that for a bit.
The two most common ways for a website to get hacked (or any online service are:
- Your password, and therefore poor digital hygiene
- Information stealing – data on your computer (a cookie for example) that will allow a hacker to login to anything you login to.
How Would That Play Out In Real Life?
Let’s say a seasoned hacker, Max “ShadowStrike” Johnson, feels like causing trouble.
He sets his sights on a specific company, SomethingWare (we’re not feeling very creative today). It’s a small software development company where cybersecurity is an afterthought. ShadowStrike is well aware of that – so he proceeds to call the company’s sweet receptionist, Mary, using his best professional voice and introducing himself as “Max”. He tells her that an “urgent security update” is required for their software.
Mary, as employee of the year, jumps in right away. She gives ShadowStrike – or Max – full remote access to their systems, falling victim to his smooth-talking. Once inside, Max spots several unpatched security holes SomethingWare’s server software that no one bothered to fix.
Then, he uses them to dig even deeper into their network. He finds the cookie Mary used when she edited the website recently – and she has a full administrator account enabling Max to install his own software on the website without it being seen by the users of the site. This software starts looking for other websites that contain a vulnerability to install itself on, and repeat the process.
With open access to sensitive data, Max leaks all of their confidential client information. Nobody even realizes what he’s done for weeks because he didn’t leave any typical malware footprints behind (such as suspicious files or unusual network activity).
Clients start to jump ship. The company is left scrambling to repair the damage. As for poor Mary, her job’s on the line. We hear that she’ll probably never make employee of the year again.
Why Would a Hacker Even Consider Hacking My Website, Out of the 1.13 billion Sites Out There?
Joke’s on you – every website, regardless of size or popularity, holds immense value that hackers all over the world can steal for their own gain.
But why exactly are websites like yours targeted even if you aren’t a huge company? Let’s dive into the motivations behind these attacks and divide them into “monetary” and “non-monetary” motivations.
Monetary Motivations
DDoS (Distributed Denial of Service) Attacks
Hacked websites can join a “botnet” (similar to a cyber army) controlled by hackers, launching “DDoS attacks” that flood a website with so much traffic that it crashes, often in exchange for ransom.
Traffic Hijacking
Hackers redirect website traffic to malicious sites like scams, blackhat SEO (which tricks search engines for better ranking), or phishing pages AKA fake data-stealing websites, all to make money through swiping your company’s information.
Server Resources
Hackers use compromised websites to host bots, malware, or crypto miners. Those are basically freeloaders using the owner’s server resources without permission.
Ransomware
Hackers swipe and wipe out website data. It’s what they do. Then, they demand a ransom if you want to get it back. They know exactly what they’re doing when they target website owners who haven’t backed up their data properly.”
Stealing Data (and Selling It Later)
E-commerce sites are top picks for malware that steals credit card information and other valuable data, which hackers can sell on the dark web for a profit
Non-Monetary Motivations
“For the Lulz”
Teen hackers often deface websites just for the thrill of it, simply changing their content to leave a mark, seeking an adrenaline rush and recognition. Come on, guys, get a job!
Political Defacement
Hackers sometimes vandalize websites with political messages, especially during major events like wars and elections, often driven by existing “for the lulz” motivations.
“Hacktivism”
Political attacks with a clear target, such as oil companies or animal fur producers, often involve more sophisticated techniques than simple defacements. These often involve DDoS and malware attacks.
Advanced Persistent Threats (APTs):
State-sponsored groups aim at high-value websites for espionage or getting into critical systems.
Why Understanding “Why” Matters
Knowing the attacker’s motives helps assess your website’s potential risk.
Take local cafes, for example, they’re less likely to be targeted by APTs than sites holding national databases. That’s because APTs typically focus on high-value targets with valuable data and resources, whereas local cafes may not have the same level of assets or be perceived as “lucrative targets.” That is, unless that cafe is right outside MI5, and a favourite hang out of spies with national secrets.
This understanding helps you decide where to invest in security, focusing on areas with the highest risk. Since most attacks are automated and opportunistic (aiming to make a quick buck), it’s crucial to have basic security measures in place.
Unfortunately, hackers will keep wreaking havoc on websites as long as there is value to them. We must protect our businesses at all costs.
Still Thinking “Nah, That Won’t Happen to Me”? Think Again
“My corporation has been completely shut down. Hackers have taken over our network. IP Phones cannot be used, our Admin account has been compromised, no email, employees cannot login, etc etc. Our company is being held ransom by the hackers for a large sum to release control back to us.” – Reddit User
One day, you’re running a successful business. The next day, you’re desperately seeking help on Reddit, in which your serious post yields answers like “Update resume and Linkedin. Start calling recruiters.”
You’ll be spending your days on the phone to lawyers, dealing with Cyber Security forensic investigators, and your insurance broker. You wont have any time left to keep your business running.
Remember: every website needs security protection, even mom-and-pop online stores. And yes, even local cafes. Understanding the “why” and the “how” behind potential attacks empowers you to take the necessary steps to mitigate risks and protect your valuable online space.
In our next article we’ll dive into the best ways, and the no-so-best ways to protect your website.
Stay safe, folks!