Hacking is the biggest topic next to google rankings these days.
Why, because google visits over 80 BILLION web pages a day so if your site gets hacked and google comes past you can end up with a warning on your google listing “this site may be hacked” , in 2015 we were able to repair a hacked site before google comes around again, now its a matter of urgency as you DO NOT want that message. If it remains google then places a RED blocking page which stops your site from being accessed until you repair it and BEG google to take the notice down which can take weeks.
You also risk losing your page one ranking.
Whilst all that is happening millions of computers are spreading hack attempts and Malware ( malicious ware )
A hack is an intrusion into a websites code, they take many forms depending on the desired outcome:
- Malware: A small piece of software that runs a set of commands, this can be seen or unseen, obviously the unseen is something only software can detect, seen is often a change to your homepage.
- Email: This is where the target is to steal your bandwidth and send out millions of spam emails eg: the nigerian prince spam, the $10 million dollar inheritance.
- Credit Cards: Hidden – These attack every site regardless of whether you have CC details or not, they generally implant themselves and send information back to the original source. they can cause google to shut you down
- Al Qaeda: These are generally just nuisance, done by people learning to hack, mostly easy to get rid of but they can leave a “back door” for other hacks to walk through.
- BRUTE Force: this is where your sign in is constantly bombarded with log in request, the computer sending them changes username and password each time hoping to eventually log in and take what they want.
- DDOS ( Distributed Denial of Service) : This is what happened to the 2016 census, nothing actually happens except the homepage is automatically requested by millions of computers until the system fails because of overload, this is rare and very expensive to prevent, something i feel we do not need to plan for.
- Zero Day Attack: This is a hack that has yet to be discovered and yet to be solved, thus its the first day of its existence and PRIOR to any ones knowledge.
- Ransomware: This is evil, its where they hack your site and CONTACT you to say they can fix it for a fee, no pay, no more website. A major reason for having good backups.
Then you have different hackers:
- White Hat: professional hackers that get paid to hack by big companies, ANZ etc will pay them to try and get in, this will bring up any flaws they may have and they can solve them before it actually occurs, a company like ANZ would have MANY full time white hats employed.
- Grey Hat: This is where most our hacks come from, people starting out, teenagers, they just want to show their mates a site they have hacked. Nigerians, Russians, Middle East etcc these are the ones trying to steal bandwidth, send emails and steal credit cards, most hacks are controlled by a computer and just run 24/7, they come up with a new hack once one is blocked and continue. They also share their knowledge to other hackers. The reality is just 1 credit card number can pay for a family for a whole year, and it works as they sleep. Unfortunately along the way they destroy the website.
- Black Hat: These are the really bad professional guys, generally you become a white hat after being a successful black hat, these people don’t waste time on us, they TARGET websites where the rewards are greatest. One bank in America was hacked for credit card details and within 3 days 40 Billion dollars was withdrawn from atm’s in every country in the world with atm’s, it was organised and they had teams of people waiting, they were then sent their selection of card numbers and create the cards.
So how do WE stop it?
We don’t! what we do is make it as difficult as possible for them to achieve their goals, the way we design the site and the extra software mix we use to create the right blocks, some software does X and some does Y so we make sure as many gaps are closed.
We have proven success going from over 100 hacks in 2015 down to 2 in 2016, so far in 2017 we have managed another step and reduced almost all attempts before they begin.
No website is hack proof, that has been proven over and over again by major websites like banks and government departs being hacked, NASA ( database downloaded), Target ( credit card numbers stolen), Yahoo ( 9/2016), swift bank ( credit cards stolen and used netting $81Million )