A simple question!
It’s hard not to feel as though you have been singled out by some shadowy hacker somewhere, but the truth is usually less exciting.
For the hacker the advantages for this method of attacking are clear:
- Many sites are attacked in a relatively small amount of time
- Reduces the time-cost overhead for the hacker
- The tools to perform these kinds of mass attack are usable regardless of skill
- Due to the number of attacks the chances of success are high
- Reconnaissance – The hacker identifies a vulnerable site that the automated software has found on the web
- Identification – The hacker then identifies the vulnerabilities of the site
- Exploitation – The hacker exploits these vulnerabilities and gains control and / or access to the site
- Sustain access – The hacker puts things in place to ensure they can maintain access or regain access if the hack is discovered
The first two steps can use bots, scripts and other code to trawl the web looking for opportunities. The next two steps can also involve automation but are likely to involve the hacker using manual techniques as well.
Types of attack
The most common attack is an attack of opportunity. Research has found that within 30 – 45 days of a website going live, regardless of content and audience, it will be added to a bot crawler. The bot crawler wil then start looking for vulnerabilities, such as:
- Old versions of the CMS (Content Management System) that the site runs on
- Outdated plugins
- Common passwords
- If a vulnerability is found by the bot, the hacker is notified and the next stage of the attack begins. Note that if no vulnerability is found, the bot will still keep coming back, and keep looking for vulnerabilities.
Less common (but still a concern) there are targeted attacks, this type of attack is usually associated with large companies and sites. A common type of targeted attack is the DoS (Denial of Service) attack, where a hacker attempts to take a site off-line.
So why do hackers hack sites?
So what can I do?
We have talked about web security previouslyhere, but here’s a quick summary of what you can do to stay safe:
- Make sure you keep the software that your site runs on updated, and maintain a regular update schedule
- Use strong passwords, we recommend using a password wallet such as LastPass to enable you to keep very strong passwords that you don’t need to remember
- Take regular backups of your site, in the event of a catastrophic hack this will make getting your site back online a lot easier
If you would like to discuss your sites security or arrange a site audit, then please get in touch or call us on 01625 666900.
We develop and implement big ideasServices
We have over 30 years of design experience and were early adopters of the web, so we know how to grab the attention of the viewer - whatever the target audience.
At Williams&Crosby we believe that marketing is about delivering a sustainable competitive advantage for our clients.
Exhibitions & Events
If you are looking for an exhibition stand that will give you stand out and attract more we can provide a solution to meet your budget.
Creativity and solution creation should never be about making pretty marks, it’s about the intelligence behind the marks. This is what distinguishes good from outstanding.