Hacked Website Myths, Misconceptions & Recovery
Having your website hacked is something that the majority of small to medium-sized businesses never really think much about until it happens. Then, at that point, it is completely overwhelming, because there is no plan in place for addressing this type of situation – which is compounded by the effect that a hacked website can have on your business, reputation, and customer trust.
No matter what amount of traffic your website gets, or who you are, when you publish anything online, you have a duty to make sure that you are being responsible.
Let that sink in…
We all share the internet, so if you are going to have a website, hacking is, unfortunately, something you need to be aware of. The more people who are informed and take the effort to protect and secure the web, the safer we all will be. Be part of the solution.
Myths & Misconceptions
I can’t afford / don’t have the budget for website security or to pay someone to monitor and update my website.
Let me give you two different scenarios that highlight reasons why you can not afford to overlook website security.
1) You have a small business and your website contains information about your business (i.e. where people can find you). Your site is hacked, and the group or individual responsible decides to put up a page directing your visitors to an “unsavory” website. Now think about brand reputation and how quickly word of mouth spreads…
2) Your website was hacked (unbeknownst to you). Your website is silently serving malware onto the computer of all your visitors so that it can steal their banking, login, or other identity information.
Google finds upwards of 50,000 new sites a week that are infected with malware.
What would happen if your most loyal customer decided to check out your website and ended up getting their identity stolen?
These examples may seem extreme to you, but they happen everyday – If you don’t believe me, check out the Google Transparency Report.
My site isn’t E-Commerce, or doesn’t store any PII (Personally Identifiable Information) so there would be no reason for someone to hack it!
This is one of the most common misconceptions out there, and to explain why, we first need to realize a few things.
It is most likely not someone with the codename ‘Zero Cool’ or ‘The Plague’ (shameless Hackers reference) who you have wronged, causing them to enact their revenge on your website.
Most likely, your website was randomly found by one of the countless automated web crawling programs (called bots or web crawlers), specifically looking for sites that have not been updated or are hosted on vulnerable web servers.
Trust me, if you have a website, it is being crawled relentlessly all day every day by these types of programs. If your website is vulnerable, they will find it and it will be exploited at some point, either by another automated program designed to exploit the found vulnerability or by brute force password cracking (if you have an administrative login using the default value – most commonly “admin” – please stop reading now and go change it. I will be waiting here for you to get back).
I can fix this myself by restoring the backup.
I commend you, first of all, for being smart enough to regularly backup your website. Just restoring the backup, however, without addressing the reason why your website was vulnerable in the first place, will just result in you finding yourself hacked again in the near future. Afterall, the definition of insanity is repeating the same action over and over while expecting different results.
If you don’t complete regular website backups, you can finish reading this article, but as soon as you are finished, you need to get that taken care of. You have been warned…
Effective Recovery Resources & Tips
One of the first things you are going to want to do is have your website scanned by a 3rd party scanning utility so that you can quickly identify how badly you were infected. These tools will give you a good idea of which pages on your site are serving malware, which files have the bad code, and how many major website blacklists have discovered your infection and are currently blocking you.
Don’t worry though, even if it looks bad at first, with some work, you can completely bounce back and get removed from any blacklists that you might currently find yourself on – as long as you act quickly. Below are some of my personal favorites.
Site Check by Sucuri
One of the best, free online scanners. Simple and powerful, just enter your website URL in the box and hit “Scan Website”. It will let you know what files and pages they find on your site, and will also give you your status on the top 5-7 blacklists.
Quttera.com/website-malware-scanner
Another free web-based scanner.
Google Search Console (formerly Webmaster Tools)
One of the absolute best resources out there if your site is hacked. Google will let you know if they detect anything wrong with your site – Errors, 404 URLS, Malware, etc. You can also see which pages on your site they deem “infected”, and once you’re clean, you can submit your site for a re-crawl. After the re-crawl, they will remove you from their list of infected websites and will start allowing search traffic to find your URL again. They will also continue to monitor your website, and will notify you by email if you are reinfected.
Linux Malware Detect
This is for the advanced users out there who have root or sudo access to their server (If you have no clue what I just said, then just skip this). Run this tool on your web root directory, and it will output a list of the infected files it finds. Simple, yet very effective, and not limited to what can be accessed on the web by scanners.
Words Of Advice & Wrapping Up
This is by no means everything that is available out there, but it should help you to identify your problems and get you on the road to recovery. If you are not experienced with malware or being hacked, you are going to need the help of someone who knows all the short and long-term effects of these issues.
Food for thought: If you think it’s too expensive to hire a professional, wait until you hire an amateur…