According to a recent article in the New York Times, security experts say that there are two types of companies in the U.S.: those that have been hacked and those that don’t know they’ve been hacked. In last month’s post, we discussed five basic security precautions that can help keep you from becoming a hacker’s next “low hanging fruit.” But what if you have already been hacked? What do you do? Join us as we take a look at ways to know if you’ve been hacked, how it happens, and what steps to take in getting your site running again.
According to a recent article in the New York Times, security experts say that there are two types of companies in the U.S.: those that have been hacked and those that don’t know they’ve been hacked. In last month’s post, we discussed five basic security precautions that can help keep you from becoming a hacker’s next “low hanging fruit.” But what if you have already been hacked? What do you do? Join us as we take a look at ways to know if you’ve been hacked, how it happens, and what steps to take in getting your site running again.
There are many ways you may find out that your website has been hacked. The most obvious is when the hacker has simply defaced your website. You wake up one morning, open your browser and low and behold, your website is no longer there. It has been replaced by a new page and has a big sign saying “Hacked by ______ (fill in the blank).” Or even worse, you get redirected to, hmmm, let’s call it an “unsavory” website. Well, in those cases it is obvious that you’ve been hacked.
However, hackers oftentimes will attempt to cover their tracks so that it isn’t obvious that a site has been hacked. They’d really prefer that you didn’t know about it, because they want to use your site as long as they can to do their dirty work.
Here are some big signs that your website has been hacked:
In a survey last year by StopBadWare and Commtouch, 63% of website owners indicated that they did not know how they were hacked. If your website has been hacked, it is critical to understand how it happened in order to prevent another hack by the same hacker.
There are many, many ways a website can be hacked. Here are some common ways hackers can take control of your website:
Note: getting hacked because of someone else's site on the same server is a good reason to avoid cheap hosting providers. They don’t always have the best security practices and you often have “bad neighbors” on the same server.
Getting your website hacked is a big deal and it can be fairly complex to clean it up. But here are the high-level steps that you and / or your support team should take once you discover that you’ve been hacked.
First of all, stay calm. You can recover.
If you don’t have the right technical expertise on staff, your best option will be to call in a support team. Ideally, this will be someone with both strong technical expertise as well as someone who is familiar with your site and its configuration. This can include your web developer and/or your hosting provider.
Web designers without a programming and technical background may have a harder time assessing the issue and fixing it. Experienced web developers (e.g. programmers) should have the necessary skills to assess and fix the problem.
Many hosting providers will not do the actual work of cleaning your website. But they can provide invaluable assistance or may have other customers that are experiencing the same issue.
You will need to get your information together for your team. Your developer / team will need access to:
You should consider keeping this information together in a safe location that you can access quickly in case the need should ever arise.
You should temporarily shut the site down while it is being assessed and fixed. Your hosting control panel may have the ability to temporarily turn off your site. Or you may need to password protect the main directory where your website resides to block visitors from accessing your site while the team works on fixing it.
You will want to scan your local computer(s) with your anti-virus software to make sure they aren’t infected with malware, spyware, Trojans, etc. Be sure your anti-virus software is up-to-date before using it to scan your computer.
Your support team will hopefully be fully engaged by now working to diagnose how the site was hacked and then work to clean up and restore your site. Here is a sample of what they will be doing:
It is very important if at all possible to understand how the site was hacked so that it can be properly cleaned. I’ve seen a number of websites that were repeatedly hacked by the same hacker until the proper fixes were in place.
Getting your website hacked is no fun. But you are able to recover from it. So stay calm and call in the right support team to get it fixed and running again. While we’ve just skimmed the surface of the process needed to clean the site, having the right support team in place can make a big difference.
Of course! Our emergency website services can help repair and restore your website after it has been hacked. Contact us today to learn more.