October 30, 2014

3 Tips for Surviving “The Year of the Hack”

2013 the year of the hack

“The year of the hack” is upon us. Your business needs tips to survive.

From almost the beginning of 2013, stories of alleged hacks on U.S. corporations, organizations and government agencies by foreign governments and malware attacks by cybercriminals on companies like Apple and Facebook have dominated the news.

The attacks have been so pervasive they’ve caused The Atlantic Wire to recently dub 2013 “The Year of the Hack.” And last month Google launched a special resource for hacked sites. Below are three tips to help your business prepare for whatever comes.

3 Tips for Surviving “The Year of the Hack”

Gain a Better Understanding

While motives like cyber espionage may be the aim of hackers attacking larger corporations and government websites, attackers of your business site are more likely interested in just one thing: money.

According to Google Developer Programs Tech Lead Maile Ohye, attacks generally come in two flavors, including hacking a site to add spammy content or hacking a site to distribute malware. In the first instance, a hacker would exploit a vulnerability on your site and add links to a site or sites of their own. In the second, a hacker would use malware to gain access to your site and those of your visitors with the goal of stealing log in credentials for online banking or financial transactions.

View Ohye’s full video below for more details.

Take Some Defensive Steps

Simple steps can be taken to at least reduce your vulnerability to a hacker. For example, avoid reusing passwords on your sites and other accounts, including online banking. This way, if a hacker obtains access to your user data from a third-party site like LinkedIn, Twitter or other social networking sites requiring a log in, they will not necessarily have obtained access to other, more sensitive accounts. Ohye also suggests watching out for outdated or insecure software or vulnerable plugins loaded to your site, which can unintentionally provide access to a hacker.

Finally, hackers can install malware on your personal computer, which then steals log in credentials when you sign into your Website, so make sure you have adequate security to identify this kind of tampering before it’s  too late.

React Appropriately When the Worst Has Happened

If your site is compromised, it’s important to take action. First, determine whether you or someone on your team is tech savvy enough to address the issue in-house, or whether you will need to get outside help to address the problem. There are sources of help for site owners.

In particular, Google has identified non-profit organization StopBadware as having assisted more than 130,000 sites get back up and running effectively within the last three years. Whether you decide to address problems in-house or with the assistance of an outside expert or support team, several steps will be needed to get your site back to normal. You will need to quarantine your site to prevent further hacker activity, then you must assess the damage, identify the vulnerability, clean the site and then submit it for review by Google.

Hopefully your site will never be a victim of malware or another attack by hackers. But to be prepared, visit Google’s Webmasters help for hacked sites for more on how to keep your site and visitors safe and what to do if your site is compromised.

6 Comments ▼

Shawn Hessinger - Editor


Shawn Hessinger Shawn Hessinger is the Editor for Small Business Trends. He is a journalist and social media networker with more than a decade of experience in the traditional newspaper business before moving to the digital world. He was the former community manager of BizSugar and the former community editor at AllAnalytics, a site dedicated to professionals in the business intelligence and analytics community.

6 Reactions

  1. It’s sad that we’ve come to this when we have to presume that people will be actively looking to attack our sites but as you mention it’s essential to be prepared these days.

    I’ve found as long as you’re pro-active you can prevent most hacks from occurring just by trying to stay on top of the latest web security developments, even in a casual nature. If you check in on a couple of security blogs every week or so you’ll know about the latest dangers (and more importantly their fixes) quick enough to guard against them.

  2. Yes, you can say 2013 the year of hack, because many of the website are profiles on social networks are being hacked. Today one of my friends facebook account got hacked and then they filled that with adult content :(

  3. Security in general has gone to a new heights. Thanks for the advice! it is always useful to remind us of the basic security and preventive measures. Running a Google Webmaster Tools check now to verify safety.

  4. Shawn, thank you for this helpful information. I will definitely check out the resources that you mentioned in your post. In order to avoid using the same passwords on multiple sites, I use a password manager to manage passwords.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>



Compare your business to the industry - Try our new tool