What? Why Would Someone Hack My Small Business Website?

Small Business Website Security: Automated Attack and Protection Strategies

Small business websites are often targeted by cybercriminals, and their motivations are often economic benefits. These cyber criminals will use hacked websites to spread malware, conduct SEO spam attacks, and even build spam servers and phishing websites. Injecting backlinks and spam to legitimate websites is a particularly profitable and popular type of attack.

The reality of automated attacks

Website hacking is largely automated, meaning hackers can hack without accessing the website in person. This misunderstanding of how attacks are performed often leaves small businesses unprepared for threats. Without basic maintenance, security measures and proper monitoring, any website could be at risk of being tampered with and infected with malware.

The incidence of website intrusions is rising, and Google reports show that the number of hacked websites increased by 32% in 2016 compared to 2015. The website represents the company’s online image, so strong protections are needed, including software and plug-in updates, strong passwords, reliable security plug-ins, regular backups and secure hosting providers.

Motivation of attack: Money

Even small-scale website intrusions can generate huge profits. Cyber ​​criminals can make money by spreading malware, conducting SEO spam attacks, and even establishing spam servers and phishing websites. Money is obviously the most common motivation behind attacks.

SEO spam

(Screenshot of the pharmaceutical scam on the infected website)

This type of spam is making a lot of money. Injecting backlinks and spam into legitimate websites remains one of the most profitable and popular types of website attacks.

After the website is hacked, the malicious backdoor program will be uploaded to the website, allowing the attacker to secretly redirect your visitors to their fraudulent website at any time.

In addition to making money for hackers, your website will also be penalized by search engines, which will damage your SEO.

"The scam has been traced back to criminal groups active in a growing market estimated to reach $431 billion. Its size and the dangers of counterfeit drugs to the public health have prompted FDA, Interpol and other agencies to take repeated actions .”——Incapsula

Malware

(Malware sample on the hacked website)

"Just visiting an insecure website, your operating system, browser, plug-ins, and applications may face exploits looking for vulnerabilities. SophosLabs sees thousands of new URLs containing driver downloads every day. ”—SophosLabs

Yes, this is the worst case, but your website can be used for ransomware that infects visitors. Over 100,000 WordPress and Joomla between 2014 and 2016! The website redirects visitors to the Neutrino Exploit Kit, a tool that attempts to penetrate the browser on the visitor's computer and, upon success, infects the operating system with CryptXXX ransomware.

This is also a multi-billion dollar market: https://www.php.cn/link/7e8dae845c0913d1bff36953378df627

It is also growing: According to the latest issue of the Internet Security Threat Report:

• Average amount required per person in 2016: USD 1,077
• Average amount required per person in 2015: USD 294

There are many other ways to make money with malware. For example, a hacked website can be connected to a large botnet and can then be used to provide DDoS services to attack other websites and network services.

Other Attackers

(Angry Penguin on Russian website)

Breakers, script boys, tamperers, they test their skills and love to show off and compete for the most dazzling tampering on hacker forums. Fortunately, these types of attacks are usually the easiest to detect and repair.

You can find tampered websites on the mirror site where tamperers will actively post their new victims.

Common points: Automated attack

What are the common points of all these attacks? They are all automated! This is a key factor because there is a widespread misunderstanding of how attacks are performed.

Seval of website intrusion:

1. Hackers with malicious intentions first create a target list through national and special fingerprinting (Google Dorking). They can use (available automation tools) to find all websites in the Czech Republic that have the default WordPress page "Hello World", for example: site:.cz inurl:/hello-world/. Try it yourself.
2. Now, with a list of over 5,000 WordPress sites, there are many possibilities. They can start identifying (automatic) specific vulnerable (outdated) software and try to brute force the administrator account using different combinations (also automated). This is the step they already have access to many websites (most sites are not updated frequently and lack security measures).
3. As a final step, it all depends on how the attacker wants to infect and use the website (khm… is also automated).

Automation means that hackers may never visit your website and have never seen it in person.

Yes, you should worry about it! Remember that similar to abandoned buildings, there will be weird graffiti and labels in dark corners—if you don’t have basic maintenance, security measures and proper monitoring in place, your website has been tampered with and infected with malware It's just a matter of time.

How big is the problem?

To find out, what else can be better about what is happening on the web than Google:

The following is what Google posted on its blog at the end of March 2017:

"We saw a 32% increase in the number of hacked websites in 2016 compared to 2015. We do not expect this trend to slow down." - Google

Since almost 1/3 of websites run on WordPress, you should already know that 2017 didn’t even start with a positive tone. Even a WiFi router can hack your website.

I won't list a lot of stats here, but if you have a WordPress site you can get some tips from my previous posts.

Your website is the storefront of your company on the Internet, please protect it!

(The following is the FAQ part, the content is consistent with the original text, and will not be repeated)

The above is the detailed content of What? Why Would Someone Hack My Small Business Website?. For more information, please follow other related articles on the PHP Chinese website!