Why Did They Hack
That Little Site?!?
One of the most common questions I get from website owners is “why would a hacker bother with MY little site???”…
Most people won’t give you a straight answer… either to protect your feelings or because they don’t understand what really goes on.
Before I answer it though, I’m going to tell you that you have to not take this stuff I’m about to say personally because if you do, it’s going to sting.
The cases we most often hear about in the media of so-called “high profile hackings” are the exception to the rule. They are statistically the minority and are usually due to (1) revenge/lesson-teaching or (2) to procure important data.
But what about the rest of us?
Why Does A Hacker Target A Typical Little Site?
1. A Drive By Shooting
The most common type of attack on the web is via bots (web scripts) that simply roam around town (around the web) and beat on every single door, window, and loose garage door they can find. Majority of all attacks are of this type.
You might think of this as “being in the wrong place at the wrong time”… but really it’s just that the bot wandered on by and you were there and vulnerable and it was checking EVERYONE!
You’re not a number, not a conquest, and barely a statistic. There’s not even a live person doing the hacking.
2. A Game Of Points
The second most common attack type is most often done by what are commonly called “script kiddies” … meaning kids (which may well reference adults) with just enough web savvy to make some mischief.
You’ll often find these “kids” (who are often adults) in the forums, announcing challenges, rules and what’s required to earn a point in this game…
A game where each site defaced earns them a point… and they race to see who can get the most points in X number of days.
Here’s just one of thousands of examples:
AnonGhost has 32,000+ hits to his name
At this point, you are barely a conquest, you are barely a notch in their bedpost.
You have about as much “value” to them as one of the little turtle guys in the Mario Bros. video game.
It’s a game of speed, hacking capabilities, and competition against one another… and this results in them not at all thinking about you in the slightest. (This also explains why your little site was so very much easier to target than a big site that has thought about its defenses!)
For some of these kids – if they get really really good – it will lead to either (a) getting invited to work as part of a larger hacking team or (b) getting invited to work as a legitimate employee of an antivirus company. For some kids, yes, this is the road to legitimate employment that they could not have easily attained any other way.
Tha-Tha-Tha-That’s all folks!
When we get hit by an attack… we tend to take it personal.
We want to know why – and who – and not only how to protect ourselves but often how we can give the person a real solid painful lesson!
But unfortunately, most of these attacks will never result in legal charges being filed – because an attacker will never be found.
And since most of them are “not about you”… the best thing you can do is learn to secure your site and keep yourself safe.
That involves starting with a high quality host (since hackers often target a vulnerable host and hit every site on the server once they’ve hacked in)… and goes as far as managing everything from login capabilities to blacklists.
If you need to hire someone to assist you in disinfecting a problematic site, one of the best in the industry is Regina’s team. Check them out here.
Have you ever had a website hit by an attack? (Most of us have!)
What went through your mind when you knew your site was hit?
What actions have you taken to secure your site today?
~ Kim ~
Simple Tech Tips For Marketing