hacked-website_72Small business owners often think that their website won’t be hacked. After all, they are not a “big name” company, don’t store credit card numbers or have valuable personal information. So why should they get hacked?

Hacking is a lucrative criminal business and your website provides a platform for the hackers to make their money – even without credit card or social security numbers. Here’s what they can do once they’ve broken into your website:

  • Re-direct your traffic to another site. It could be a website selling medications, pre-written term papers or pornography.
  • Send out spam. The hackers get to use the good reputation of your website to send out spam using your resources (website hosting account) that you pay for. Eventually your website gets blacklisted for sending out spam, but the hackers then just move on to another victim.
  • Host a fake sign-in page. The hackers create a page that looks like the sign-in page of a legitimate website (like Facebook or Bank of America). The send out spam with a link to this fake page on your site and then collect user credentials they can then use elsewhere.
  • Distribute Malware. The hackers can put up a page on your website with a message that encourages the user to click a link which then downloads malware to the user’s computer. The malware could collect passwords, banking information, or lock the user’s computer up until money is paid. Whatever it is it wouldn’t be good and your business reputation suffers.
  • Host Malicious Content. The hacker could simply use  your server to store malicious files. Again, they are using the storage and bandwidth resources that you pay for and potentially damage your business reputation.
  • Ransomware. A special instance of the Distribute Malware reason above, ransomware is becoming a more common threat. Essentially ransomware is a software application that encrypts the user’s hard drive so they cannot access any of their files unless they pay a ransom to the hacker to decrypt them. Your website would be used to host a page inviting the user to click a link which downloads the ransomware (probably also hosted on your website).

There are even more uses a hacker can have once they’ve compromised your website, this article explains them in greater depth: https://www.wordfence.com/blog/2016/04/hackers-compromised-wordpress-sites/.

Hacked websites are occurring with greater frequency. Google said 800,000 sites were hacked last year (http://www.darkreading.com/cloud/google-finds-800000-websites-breached-worldwide-/d/d-id/1325169). At CityCenter we’ve been called on twice in the last two weeks to help organizations who’d had their sites hacked.

CityCenter recently created a service to help prevent your website from being hacked. But whether you use our service or that from another provider, be sure you are taking effective measures to prevent your website from being hacked. And make sure you have a way to restore your site if it does get compromised.

Please call us if we can help! 626-449-0100.