A website is an important tool that needs to be protected against external threats including website defacement and hacking. If you or your web developer has taken advantage of a free or open source content management system (CMS) to create your site, this software is likely to need ongoing maintenance or software updates to secure it against known vulnerabilities.
Why would my website be hacked?
WordPress, Joomla, Drupal and Magento are believed to power up to three quarters of websites. The popularity of these software products, and the ability to quickly and cheaply add new modules or plugins for site features, increasingly make these products a target for automated attacks.
Once a security hole is identified, criminals can work quickly to create methods to exploit these vulnerabilities. They could:
- Deface your website
- Compromise your systems to use the site for a ‘watering hole’ attack where visitors are infected via malicious downloads such as ransomware
- Use your site or server to host phishing pages that capture login details from unwitting visitors
- Steal your intellectual property or confidential data for financial gain.
In most cases reported to us, these attacks are of a random or automated nature, where an attacker has found a system that has not been patched for a known security vulnerability. In serious cases, your organisation may be targeted to cause financial or reputational harm.
What can I do to prevent my website from being hacked?
Taking preventative action against common threats is key. Business owners should discuss security with their IT or web development partners to protect systems and customer data. Here are some things to think about:
- Popular CMSs are regularly updated, so ensure you have a budget for ongoing maintenance and support of your site.
- Talk to your IT partner about common security vulnerabilities and ask them how they approach ongoing patching.
- Allow time in your development schedule to test the website and backend systems before you launch it.
- Limit the number of people who need access to your website CMS. For example, you may wish to limit access to a known IP range.
- Use strong, unique passwords or phrases for logins.
- Don’t leave default accounts on the system as they can be easily probed or breached.
- Protect your server and patch vulnerabilities – talk to your website host or IT partner about this.
- Monitor intrusion attempts made on the website. Ask your web developer or IT partner for advice or look for a plugin or third party monitoring service.
- Encrypt data stored on your systems. If you are handling credit cards, it’s important to follow best practices around storing card numbers and account details.
- Consider getting a specialist security firm to penetration test your website or app.
- Back up your website regularly – both files and databases – to ensure you can quickly recover should an incident occur. Issues can include viruses, hacking or hardware failures so it pays to be prepared.
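The monitoring advice above can be put into practice without a paid service by looking at the web server's own access log. The script below is an added example written for this article, not Netsafe's code or part of any CMS: it reads access-log lines in the standard Apache/nginx "combined" format, counts POST requests to the login pages of the CMSs named above (the paths, the 60-second window and the threshold of five attempts are assumptions), and reports client IPs that hammer a login page faster than a person would. The log lines it runs on are constructed for the example.

```python
"""Flag likely brute-force login attempts against a CMS admin page.

Added example for the 'monitor intrusion attempts' advice. It parses
access-log lines in the Apache/nginx 'combined' format, counts POST
requests to well-known CMS login URLs per client IP inside a sliding
time window, and reports IPs that exceed a threshold. The sample log
lines are constructed; the paths, window and threshold are assumptions.
"""
import re
from collections import defaultdict, deque
from datetime import datetime

# Login endpoints of WordPress, Joomla and Drupal (assumed defaults).
LOGIN_PATHS = ("/wp-login.php", "/administrator/index.php", "/user/login")

# Combined format: ip - user [time] "METHOD path HTTP/x" status bytes "ref" "ua"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+'
)
TIME_FMT = "%d/%b/%Y:%H:%M:%S %z"

# Constructed sample: one client making eight login POSTs in 35 seconds,
# one making two spread over minutes, one simply loading the login page.
SAMPLE_LOG = """\
203.0.113.7 - - [12/Mar/2024:10:00:00 +1300] "POST /wp-login.php HTTP/1.1" 200 4213 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Mar/2024:10:00:04 +1300] "POST /wp-login.php HTTP/1.1" 200 4213 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Mar/2024:10:00:08 +1300] "POST /wp-login.php HTTP/1.1" 200 4213 "-" "Mozilla/5.0"
192.0.2.9 - - [12/Mar/2024:10:00:10 +1300] "GET /wp-login.php HTTP/1.1" 200 3980 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Mar/2024:10:00:12 +1300] "POST /wp-login.php HTTP/1.1" 200 4213 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Mar/2024:10:00:16 +1300] "POST /wp-login.php HTTP/1.1" 200 4213 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Mar/2024:10:00:20 +1300] "POST /wp-login.php HTTP/1.1" 200 4213 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Mar/2024:10:00:25 +1300] "POST /wp-login.php HTTP/1.1" 200 4213 "-" "Mozilla/5.0"
not a log line at all
198.51.100.4 - - [12/Mar/2024:10:01:02 +1300] "POST /wp-login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Mar/2024:10:00:35 +1300] "POST /wp-login.php?redirect_to=%2Fwp-admin%2F HTTP/1.1" 200 4213 "-" "Mozilla/5.0"
198.51.100.4 - - [12/Mar/2024:10:05:40 +1300] "POST /wp-login.php HTTP/1.1" 200 4213 "-" "Mozilla/5.0"
"""


def parse_line(line):
    """Return (ip, timestamp, method, path, status) or None if the line does not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group("time"), TIME_FMT)
    path = m.group("path").split("?")[0]          # ignore query string
    return m.group("ip"), ts, m.group("method"), path, int(m.group("status"))


def find_bruteforce(lines, threshold=5, window_seconds=60):
    """Return {ip: peak_attempts} for IPs that made more than `threshold`
    login POSTs inside any `window_seconds` sliding window.

    Status codes are deliberately not used: WordPress answers a failed
    login with 200 (the form is re-rendered), so volume is the signal.
    """
    recent = defaultdict(deque)    # ip -> login POST timestamps still inside the window
    flagged = {}
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue
        ip, ts, method, path, _status = parsed
        if method != "POST" or path not in LOGIN_PATHS:
            continue
        q = recent[ip]
        q.append(ts)
        while (ts - q[0]).total_seconds() > window_seconds:   # slide the window
            q.popleft()
        if len(q) > threshold:
            flagged[ip] = max(flagged.get(ip, 0), len(q))
    return flagged


def main():
    for ip, n in sorted(find_bruteforce(SAMPLE_LOG.splitlines()).items()):
        print(f"{ip}: {n} login POSTs within 60s - review, and consider blocking at the firewall")


if __name__ == "__main__":
    main()
```

Run against a real log (`python3 login_watch.py < access.log` after swapping the sample for `sys.stdin`), the output is the list an IT partner or host would want when deciding which addresses to block or which accounts to reset. Lines that do not match the format are skipped rather than treated as errors, since real logs mix in odd requests.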
What do I do if my website has been hacked?
If your site has been hacked, defaced, knocked offline, blocked by search engines or browser safety settings due to malicious files, it’s important to have a plan in place. Our advice is to:
- Record how and when you first learned of the issue – was it a customer phoning you? An email? Or did you just see a warning on screen when you went to your site? Have you received threats or demands for payments? Keep all evidence connected to this incident should you need to submit a formal report to NZ Police or to your business insurers.
- Report it to Netsafe so we can record what has happened and provide you with help.
- Speak with your web developer, IT partner or web host to see if they can identify what the issue is and resolve it quickly.
- Scan your site using a free tool like Sucuri SiteCheck. This service can help identify what’s happened – if your software is outdated – and if your site has been blacklisted to protect visitors.
- Restore your site and ensure all systems have been patched using the latest security updates.
- Scan your website again to check if the issue has been fixed. You may need to work directly with the various blacklisting companies to get your site unblocked and can check the status on Google Safe Browsing.
- Harden your website against future issues using the tips above.
- Read the Australian government’s guide to keeping your website safe
- Found your website has been hacked? Google has a guide for webmasters on recovering
- Report it to Netsafe