
Why hackers attack my website?

September 13, 2017 07:09 am

Oliver Sild
Founder & CEO

Why would any web hacker attack my small website?

You are an entrepreneur, manager or marketing pro responsible for a company website that is simply meant as a digital business card to introduce the company, its services, and the latest news. You have probably seen or heard about web hackers defacing or attacking websites almost at random.
Your site doesn't hold any state secrets, right? So why the hell are they still doing this?


Making money (a lot of money).

Yes, even a small website can generate a substantial amount of money. Cybercriminals and web hackers can make money with your compromised website by distributing malware and SEO spam, and even by setting up e-mail spam servers and phishing sites.
Money is obviously the most common motivation behind the attacks.

SEO Spam

This type of spam makes a lot of money. Injecting backlinks and spam into legitimate sites remains one of the most profitable and popular types of website attacks.

After the website is compromised, a malicious backdoor is uploaded to it. The backdoor gives the attacker access and allows him to invisibly redirect your visitors to scam sites at any time he wants.

Apart from generating money for the web hacker, your website gets a penalty from search engines, which will ruin your SEO.

“The scam has been traced back to organized crime syndicates operating in what is estimated to be a 431 billion dollar, and growing, market. Its scale, and the danger counterfeit drugs pose to the public health, prompted repeat action from FDA, Interpol, among others.” — Incapsula

Malware


“It’s possible to have your operating system, browser, plugins, and applications exposed to exploits looking for vulnerabilities just by visiting an unsafe website. SophosLabs sees tens of thousands of new URLs every day containing drive-by downloads.” — Sophoslabs

Yes, it’s the worst-case scenario, but an evil-minded web hacker can use your website to infect visitors with ransomware. Between 2014 and 2016 over 100 000 WordPress and Joomla! sites were redirecting visitors to the Neutrino Exploit Kit, which tried to penetrate the browser on the visitor’s computer and, when successful, infected the operating system with CryptXXX ransomware.

It’s also a billion-dollar market: read more here.

And it’s growing:
According to the latest volume of the Internet Security Threat Report:
$1,077 = Average amount of money demanded per person in 2016
$294 = Average amount of money demanded per person in 2015

There are many other ways to make money with malware. For example, hacked websites can be connected into a large botnet, which then can be used to provide a DDoS service to attack other sites and web services.

And then there are these guys…

Defacers, vandals, script kiddies, kids: people who test their skills, love to show them off on hacking forums and compete for the fanciest defacement. Luckily, these kinds of attacks are usually the easiest to detect and fix.
You can find defaced websites on mirror sites, where defacers actively post their new victims.

Here’s the reality! Do you know what they all have in common?

Website vandalism/hacking is mostly automated! This is a critical element, as there’s a common misconception about how attacks are executed.

Here’s an example of how a web hacker hacks your site:

1 – A web hacker with evil intentions begins by making a list of targets, filtered by country and by a specific fingerprint (Google Dorking). Using Google (automated tools are available), he can find every website in the Czech Republic with the default WordPress page “Hello World” like this: site:.cz inurl:/hello-world/

2 – Now, with a list of over 5000 WordPress sites, there are many possibilities. He could start fingerprinting (automated) specific vulnerable (outdated) software and try to brute-force the admin account with different combinations (also automated). At this step he may already have access to a lot of sites (most sites are not frequently updated and lack security measures).

3 – As the last step, it’s all about infecting and using the site as the attacker wishes (khm.. also automated).

Everything is automated – the attacker might have hacked your website without ever visiting the site or seeing it with their own eyes.

And yes, you should worry about it! Keep in mind that, just like abandoned buildings that get freaky graffiti and tags in their dark corners, it’s just a matter of time before your website gets defaced and infected with malware if you don’t have basic maintenance, security measures and proper monitoring in place.

Ok, ok… But how big is the problem?

To find out, who could be better than Google at saying what is going on on the web?
Here’s what Google released on their blog at the end of March 2017:

“We’ve seen an increase in the number of hacked sites by approximately 32% in 2016 compared to 2015. We don’t expect this trend to slow down.” — Google

Since there is almost a 1/3 chance that your website is running on WordPress, you should already know that 2017 didn’t even start with a positive tone.

1.5M Unpatched WordPress Sites Hacked Following Vulnerability Disclosure

Even WiFi routers can hack your website:
https://www.bleepingcomputer.com/news/security/home-routers-used-to-hack-wordpress-sites/

If you have a WordPress or Drupal website – read this!

If you have a Joomla website – read this!

Your website is the face of your company, protect it!

