Why Websites Get Hacked
I spend a fair amount of time working on new websites as well as fixing websites that have been hacked and this question always comes up:
Why would anyone ever hack my website? I’m just a small business owner.
Depending on who you are, websites get hacked for different reasons, but there are a few specific explanations.
Automation is key
Websites attacks that target small businesses and smaller websites are fully automated. The benefits of automated attacks provide hackers the following benefits:
- Mass exposure
- Reduction in overhead
- Tools for everyone regardless of skill
- Dramatically increases the odds of success (for the hacker)
The majority of these attacks are automated and follow a specific sequence:
- Reconnaissance
- Identification
- Exploitation
- Sustainment
While thinking about how these attacks occur, it’s important to address the two types of attacks: attacks of opportunity and targeted attacks.
Attack of Opportunity
Almost all small business website attacks are attacks of opportunity. This means that it’s not one individual or group that is trying to hack into your specific website, but rather a coincidence. Something about your site was caught in the trailing net as they crawl the internet looking for hacking opportunities. It could have been something simple like having a known plugin installed, or maybe displaying the version of a platform (displaying the fact that you’re using an outdated version of WordPress, for example).
According to Sucuri, a website security company, it takes about 40 days for a new website with no content or audience to be identified and added to a bot crawler. Once added, the attacks can begin immediately without any real rhyme or reason. It can be any website; the only commonality is that they are all connected to the internet.
These web crawlers then begin to look for identifying markers. Is the website running WordPress, Joomla, Drupal? If so, is the website running any software with known vulnerabilities or bugs in the code? If the answer is yes, the site will be marked for the next phase of attack, exploitation.
The sequence of events can happen in a matter of minutes, days, or months. It’s not a singular event; it’s ongoing and occurs continuously as the bot crawlers are scanning for vulnerabilities. Once your website is on the list, it will just keep on trying until it succeeds. This is why it is so critical to have someone actively managing your website and – at a bare minimum – updating software.
Targeted Attack
Targeted attacks are often reserved for big businesses, but not always. Think of the NBC hack in 2013 or the Forbes hack in 2014. There are many examples of these attacks lately but it’s obvious why there’s an uptick in this trend. Even though it requires much greater hacking skill, the payoff to the hacker can be huge. A very common type of targeted attack is called a Denial of Service attack in which the attacker works to bring down the availability of your site by overloading it with traffic.
Hacking Motivations & Drivers
Now that you have a better understanding of how these attacks happen, let me unpack some reasons why websites get hacked.
Economic Gains
The most obvious reason why websites get hacked is for economic gain. These are attempts to make money by your audience, either by getting them to click on something or download something.
Drive-by Downloads
A drive-by download is the act of injecting your website with malware and hoping to infect as many website visitors as possible. Think of someone visiting your website and then calling you because they installed a fake piece of software that you supposedly recommended on your website. Then their bank accounts were drained. Scary and very real and devastating.
Black Hat SEO
The other type of strategy are black hat SEO campaigns. These are not as devastating, but can be more lucrative for the hackers. This is the game of abusing your audience by redirecting them to pages that generate affiliate revenue.
System Resources
The business of farming system resources is a huge motivator for hacking groups. Botnets are nothing more than interconnected systems across the internet; these can be desktops, tablets, and even servers and they can be tethered together to perform tasks like Denial of Service attacks simultaneously. These attacks that target your system resources are dangerous because they can happen completely behind the scenes without you knowing what’s going on until you get a notice from your host – or worse, a huge bill – exceeding bandwidth.
Hacktivism
The point of these website attacks often comes down to awareness and frequently consists of a hacker defacing your homepage. This form of attack can be combined with others, but more often than not they are somewhat benign and create more embarrassment to the site owner rather than affecting their site visitors.
Pure Boredom
Unfortunately boredom seems to come into play and often there is no real reason why websites get hacked.
Conclusion – Your Best Defense is Knowledge
It is easy to be overwhelmed by all of this, but we believe that your best defense is knowledge and if there’s any real take-away here, it is that you should
- hire someone to manage and maintain your website
- update whenever updates are available
Remember, security is not about the elimination of risk. Security is risk reduction. Take what you know and use it to lower your chances of getting hacked.