“The year of the hack” is upon us. Your business needs tips to survive.
From almost the beginning of 2013, stories of alleged hacks on U.S. corporations, organizations and government agencies by foreign governments and malware attacks by cybercriminals on companies like Apple and Facebook have dominated the news.
The attacks have been so pervasive they’ve caused The Atlantic Wire to recently dub 2013 “The Year of the Hack.” And last month Google launched a special resource for hacked sites. Below are three tips to help your business prepare for whatever comes.
3 Tips for Surviving “The Year of the Hack”
Gain a Better Understanding
While motives like cyber espionage may be the aim of hackers attacking larger corporations and government websites, attackers of your business site are more likely interested in just one thing: money.
According to Google Developer Programs Tech Lead Maile Ohye, attacks generally come in two flavors, including hacking a site to add spammy content or hacking a site to distribute malware. In the first instance, a hacker would exploit a vulnerability on your site and add links to a site or sites of their own. In the second, a hacker would use malware to gain access to your site and those of your visitors with the goal of stealing log in credentials for online banking or financial transactions.
View Ohye’s full video below for more details.
Take Some Defensive Steps
Simple steps can be taken to at least reduce your vulnerability to a hacker. For example, avoid reusing passwords on your sites and other accounts, including online banking. This way, if a hacker obtains access to your user data from a third-party site like LinkedIn, Twitter or other social networking sites requiring a log in, they will not necessarily have obtained access to other, more sensitive accounts. Ohye also suggests watching out for outdated or insecure software or vulnerable plugins loaded to your site, which can unintentionally provide access to a hacker.
Finally, hackers can install malware on your personal computer, which then steals log in credentials when you sign into your Website, so make sure you have adequate security to identify this kind of tampering before it’s too late.
React Appropriately When the Worst Has Happened
If your site is compromised, it’s important to take action. First, determine whether you or someone on your team is tech savvy enough to address the issue in-house, or whether you will need to get outside help to address the problem. There are sources of help for site owners.
In particular, Google has identified non-profit organization StopBadware as having assisted more than 130,000 sites get back up and running effectively within the last three years. Whether you decide to address problems in-house or with the assistance of an outside expert or support team, several steps will be needed to get your site back to normal. You will need to quarantine your site to prevent further hacker activity, then you must assess the damage, identify the vulnerability, clean the site and then submit it for review by Google.
Hopefully your site will never be a victim of malware or another attack by hackers. But to be prepared, visit Google’s Webmasters help for hacked sites for more on how to keep your site and visitors safe and what to do if your site is compromised.