25 Jun

Why Was My Website Hacked?

Author: Annie Romano
Hack the Planet hackers from the film HACKERS

Why Did My Site Get Hacked?

It is a fact of modern life that websites get hacked. Unfortunately, it is often not “if” a site gets hacked, it’s “when”. Your site doesn’t have to be a big business site or an e-commerce site. All sites can have information on them that is attractive to hackers, if for no other purpose than to wreak havoc or gain status with other hackers. The most common misconceptions website owners have about hacking are:

1. Thinking their site isn’t interesting enough for a hacker.
2. Hackers have nothing to gain from hacking their site.
3. It’s never happened before and it won’t happen now.

There are many kinds of hacks and purposes for hacking a site.

Some types of hacks or attacks are:

DDoS (Distributed Denial of Service): This is when a hacker attempts to disrupt the availability of a site by flooding it with multiple requests.

Automated Attack: This is when a computer software program does the work to hack a site. This allows for mass exposure and less overhead for the hacker. It also allows for increased odds of success because of the sheer number of attacks on sites.

Targeted Attacks: These are primarily reserved for larger companies. Sometimes they are implemented by companies wanting to increase their customer base and business by taking down competing sites. They are much more work for the hackers, but, if they work, much more satisfying and rewarding.

Attacks of Opportunity: This means that a site was caught in a trailing net by hacking software randomly searching or “crawling” the web, instead of an attack by one individual hacker.

Some hackers just want to create chaos on the Internet.

They spend their days trolling for vulnerable sites and when they find one, they pounce. Sometimes they just put something on a site that will redirect visitors to another site – either one that copies the site, but isn’t, or a completely different site that serves their own purposes. This can negatively affect a company’s online reputation and authority.

The majority of hacking these days isn’t done by individual hackers; it is done by hacking software. It is not discerning – it is automated and continuous.

Hackers may use a site to hack others. They can insert code that will infect visitor’s computers or possibly use email information to send out spam to visitors or people on an email list.

Hackers may steal a site's traffic. If they input code that redirects visitors to their site, or another site, then visitors will see products or services unassociated with the original site.

The more aggressive and malicious hackers are looking for various information: personal info on individuals, companies, and customers; monetary information such as bank account and credit card number; user names and passwords, email addresses and other personal and business information. They can use this information that they “mine” in many ways. If they are able to access credit card or bank account numbers, they can sell the information. Stealing customer information impacts the ability to do business through the site because customers may no longer feel secure using the site.

Email addresses are a popular thing hackers collect. If they find a cache of them, they will often use them for spamming purposes. Suddenly, a site's customers are receiving phishing (looking to gain personal information) emails from what looks like a legitmate company, or, they receive spam emails selling other products and services.

What Can I Do To Protect My Site From Hackers?

Leaving a site's administrative area open in any way is dangerous. This part of a site is where updates are made, passwords and user names are stored, and site building tools are accessed. Keeping this secure is of optimum importance. The built in security protocols should sense when someone is trying to log in that shouldn’t. Too many attempts will initiate a “blacklisting” of the IP address that is being used. It is a good idea to check that list to see how many fraudulent attempts are made by hackers trying to access the backend of your site.

Having a good security program or extension is crucial. It won’t stop all the hackers, but it can definitely slow them down.

Paying attention to your site is another tool that can help. Often, sites are published online and then are basically ignored. It is important to be vigilant and check your site on a regular basis. The more familiar you are with what it’s supposed to look like and what it is designed to do, the more likely you are to notice something irregular. If you have a company doing your site maintenance and hosting, be sure that they are checking it regularly as well.

Another good practice is using a website scanner to find malware. If malware is detected, you will be notified immediately.

Enable a SSL Certificate. A SSL (Secure Sockets Layer) Certificate is used to establish a secure encrypted connection between a web browser and a web server. A SSL makes exchanged information less vulnerable to hackers. Depending on your site builder, you may have to purchase an SSL certificate or it may be included in your package. After attaining your SSL certificate, be sure it is enabled or pushed within your builder. A TLS (Transport Layer Security) protocol is a current extension of SSL technology and that is what will be implemented when you enable SSL and your website address will start with HTTPS (Hypertext Transfer Protocol over Secure Socket Layer). This ensures all information exchanged is encrypted.

A Web Application Firewall (WAF) monitors HTTP traffic and blocks attacks due to web application security flaws. It can differentiate between a human user and an automated program or bot. It will only allow human traffic to enter your site. You have likely seen the prompts “I am not a robot” or “pick the pictures with stop signs in them”. An automated system cannot respond appropriately to this type of security measure and will not be allowed access most of the time. There are firewalls for every type of operating system and include free, open source, and commercial options.

CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) offers a reverse Turing test challenging website visitors to read distorted words or numbers presented and enter the text to gain access. If a user attempts and fails, they will not be able to get into the site or be able to send an email to the site. Google offers a free application.

Frequent backups of your site are critical. If, for instance, a hacker defaces your site by substituting an image or content that is not in line with what you want to present, you can replace what they’ve done by uploading the most recent back up. Backing up your site a minimum of once per week is a good practice.

Will I Be Able To Tell When My Site Has Been Hacked?

Here are some ways to tell if your site has been hacked:

1. You are blacklisted by the search engines – Google, Bing, Yahoo, etc.
2. When you check your site online and you see content you have not posted.
3. Your site is flagged for distributing malware.
4. Your site has been disabled by your host.
5. New users that you did not authorize.

Here are a few examples of hacked websites:

As you can see by these samples, some hackers really do enjoy the challenge and are not mining information. They do it for the lulz.

Cupcakes with pink frosting and white nonpareils
The best cupcakes in America? (Image: Pixabay)



In 2011, British intelligence service M16 crafted a clever attack on an article within al-Qaeda's first English-language online magazine detailing how to construct a bomb from household items. The article was titled, "Make a bomb in the Kitchen of your Mom", and was written by "The AQ Chef." Keeping with the chef theme, they replaced the instructions with a recipe for "The Best Cupcakes in America," written by Ellen DeGeneres.





Mr. Bean stands in for Jose Luis Rodriguez Zapatero
Mr. Bean stands in for Jose Luis Rodriguez Zapatero on Spanish website.





 In 2010, a picture of English actor Rowan Atkinson as Mr. Bean was used to represent Spanish Prime Minister Jose Luis Rodriguez Zapatero on Spain's official Web site for its EU presidency.

The resemblance between the two has been a running joke in Spain for several years and was spoofed in a cartoon published in the Spanish newspaper El Pais. 

An official at Mr Zapatero's office confirmed a security breach had been used to manipulate the page specifically set up to mark Spain's six-month presidency of the European Union, but added that no information on the site had been affected.