Home – New Forums Tech talk Website hacking on the increase

  • This topic is empty.
Viewing 13 posts - 1 through 13 (of 13 total)
  • Author
    Posts
  • #978932
    MailGuard
    Member
    • Total posts: 6
    Up
    0
    ::

    Hi everyone,

    Of the many security touch points targeted by cyber criminals, website hacking incidents have risen dramatically recently. Viruses, malware and other foreign content can take down your website, compromise your confidential data and the confidential data of your customers, and can see your search engine rankings plummet fast. Sometimes they can be damaging your business without you knowing.

    I’d be keen to hear if you’ve ever had a website hacked or experienced security breaches and what you do to prevent them…

    #1110769
    tonyk
    Member
    • Total posts: 1,430
    Up
    0
    ::

    It is rather suprising how many websites still get hacked given the level of security technology or whatever term you want to use is out there. Those hackers are rather clever I must admit.

    #1110770
    Stuart B
    Member
    • Total posts: 1,070
    Up
    0
    ::

    I’ve got a lot of websites, never had any issues with any… The key is having good quality passwords.

    #1110771
    John Debrincat
    Member
    • Total posts: 963
    Up
    0
    ::
    MailGuard, post: 123275 wrote:
    Hi everyone,

    Of the many security touch points targeted by cyber criminals, website hacking incidents have risen dramatically recently. Viruses, malware and other foreign content can take down your website, compromise your confidential data and the confidential data of your customers, and can see your search engine rankings plummet fast. Sometimes they can be damaging your business without you knowing.

    I’d be keen to hear if you’ve ever had a website hacked or experienced security breaches and what you do to prevent them…


    @MailGuard
    is 100% correct there has been a steady increase in security violations and hacking. It is not going away and really does not have a lot to do with strong passwords. Although they are of course very important.

    Hackers can enter a site, look through your data base, plant some malicious code and leave and you would not even know that they were there.

    Hackers can resort to DDos attacks to attempt to find vulnerabilities or simple SQL injection via a contact form.

    If you are using Open Source software and hosting it for yourself then there is a resource called the Open Source Vulnerability Data Base that has good information.

    If you are in a shared hosting environment or on a SaaS based platform then the core security responsibility should be with your hosting provider.

    You can run vulnerability scans from a reputable vendor, which are mandatory for PCI compliance, which are not so expensive like COMODO Hacker Guardian and there are many others you can find a good list at for PCI vulnerability scanning at the PCI Security Council website.

    Passwords are important as well but don’t take security for granted. Make sure you cover all the bases like you wireless modem access which is ofter forgotten.

    John

    #1110772
    Greg_M
    Member
    • Total posts: 1,691
    Up
    0
    ::

    while I agree good passwords, changed regularly go a long way, if you haven’t been hacked it’s more likely the quality of your hosting and regular security patching, or just plain luck.

    My one and only bout with hackers continued against my sites and a lot of others (on a shared hosting service) over a period of weeks.

    Anything running PHP was subject to Javascript injections that caused visiting sites to be redirected to scareware. On the WordPress sites the administrative interface was completely destroyed, more than once.

    These WP sites were fresh installs of the latest version (at the time) with new, 6 letter 6 digit and a mixture of case passwords … made not one scrap of difference, they were just accessing the server at will and entering multiple sites, the hole was in the server.

    Never underestimate what a hacker can do if motivated.

    #1110773
    BrettM33
    Participant
    • Total posts: 1,372
    Up
    0
    ::
    LemonChip Web Design, post: 137325 wrote:
    I’ve got a lot of websites, never had any issues with any… The key is having good quality passwords.

    …and secure code. ;)

    #1110774
    tonyk
    Member
    • Total posts: 1,430
    Up
    0
    ::

    I have had my website in place for almost two years now and I have never been hacked nor have I ever changed my password. Just lucky I guess.

    #1110775
    Craig_Longmuir
    Member
    • Total posts: 556
    Up
    0
    ::

    My sites got hacked recently…malware code injection…got into 1 out if date wp install and spread accross server from there. Took a day to clean and fix all sites which was a pain!

    #1110776
    JohnTranter
    Member
    • Total posts: 842
    Up
    0
    ::
    eStrategyPro.com, post: 0 wrote:
    Nowadays, it takes a home desktop computer with a modern GPU, 4 hours to crack an 8 character password.

    Agreed, the length of your password is far more important that using punctuation marks/numbers. That’s why more and more people are using passphrases rather than passwords

    $5*3lP is a weak password and hard to remember
    AndBingoWasHisNameO is a failry good password and easy to remember

    Mix it up a bit with some number/symbol substitution and you might have :
    @ndB1ngoW@aH1sN@me0 which is a good password imho and not too hard to remember.

    #1110777
    Divert To Mobile
    Member
    • Total posts: 2,751
    Up
    0
    ::

    ThisIsAToughPasswordToCrack
    :)

    Steve

    #1110778
    dmac
    Member
    • Total posts: 20
    Up
    0
    ::

    “We have had many clients websites hacked over the years, from viruses and malware. Pain the the butt to deal with, as its all arms in the air and clients are freaking out. We have always solved the Security breaches. Y

    You may want to scan through your website’s files and see if there are any new codes added. Filter them and weed out those suspicious-looking files. If this task takes too much time for you and luckily you have a local backup, you can use the latter to overwrite your web host’s files. Backups only serves their purpose only when you have them before you actually need them.

    Make sure that your PC is scanned for malware and that your firewall is up. There could be a possibility that the hacking was done through Trojan on your PC. Like what has been suggested before, having a good password and changing them, especially if the password you had for your website is also the same with your passwords with your other accounts. This involves your account under your web host. We have found that viruses have gone in thru hosting, from sending an email with host log in details.

    #1110779
    Divert To Mobile
    Member
    • Total posts: 2,751
    Up
    0
    ::
    eStrategyPro.com, post: 0 wrote:
    By the show of hands, anyone knows what 2-Factor-Authentication is?

    AKA 2 stage Auth.
    Yep possibly :)

    Steve

    #1110780
    APCA
    Member
    • Total posts: 13
    Up
    0
    ::

    Hacking attacks can have a devastating effect on a small business’ website. It’s something you need to guard against, particularly if you’re taking card payments online. According to this article from the Sydney Morning Hearld, the original poster is correct: there is evidence to show that website hacking attacks are on the increase http://www.smh.com.au/it-pro/security-it/one-data-breach-a-week-australia-20120430-1xulv.html.

    To help small business owners protect themselves and their customers, we’ve developed some training material with the Australian Federal Police – http://www.apca.com.au/getsmart. It’s free and is well worth spending some time on.

    Regards,
    Caroline @ APCA

Viewing 13 posts - 1 through 13 (of 13 total)
  • You must be logged in to reply to this topic.