WHY CAN MY WEBSITE BE HACKED? - OTKRITKI

Breaking

Saturday, July 27, 2019

WHY CAN MY WEBSITE BE HACKED?

We will go back to why your website can be hacked . This is something that I always discuss with my students in another form. It's mostly to answer that kind of argument that you can express when you talk about the security of your website: " Hacking my site, there's nothing on it , I'm not really a target why they would lose their time to hack it. The worse it is not very serious, it will be enough to reactivate it ". Let's see why you need to change this idea .

Hacking a website is complicated?

To answer you simply:  no . This is even easier if the person who designed the site did not integrate security into the project from the beginning . If this has not been done it's a safe bet that your site is easily hackable or will be in a few months. Even more so if your website was made with a CMS such as: Wordpress, Joomla, Drupal etc. and if you do not do your security updates , it's just a matter of time.
If it's a home development, that you, or the company that did it to you, have no security knowledge, that you've never done your code, it's even worse than a CMS not up to date .

Who can attack my website and why?

When you are the target of a computer attack and in this case your website. There are not 60 profiles, but simply 4.

Former employee :

Indeed you have just separated from a collaborator by really in good conditions, to take revenge he may want to hack your website. It will be easier for him especially if he participated in the project even by far.

The kiddies script :

The what ??? We call these people who do not have advanced cyber security skills and who try hacking software on random Internet sites ( definition by wikipedia ). The software to carry out attacks being more and more simple and powerful. It is a real scourge of which you can be the victim. Especially that they do not always know what they are doing and suddenly can create significant data loss.

Defend a cause: 

At times the hacker will just want to use your site to get a message across. For this purpose it will hack your website and change the homepage. But as I recently wrote attention, it can hide something else: My website was hacked what to do?

The targeted attack :

There are two reasons why you are the target.
First reason: 
A person who wants to see your site hacked has sponsored the attack on hackers. Generally it will be your direct competitors or your future competitors. The goal is to make you lose notoriety and degrade your image with Internet users and therefore your prospects and customers.
I was talking recently with a gendarmerie adjutant who at a conference had attended a return on a study of cybercrime. In this study they estimated that the image of your company represents 30% of your annual turnover . To see it degraded is therefore not negligible!
Second reason: 
The hacker may want to use your website to conduct larger attacks, or simply hack your visitors. In the attacks that it can undertake one will find the diffusion of virus infecting your visitors, with various attacks like viruses or ransomwares . Why also to target you directly.
He may also use your website to phish by copying files on your website. They will be used to imitate sites of banks, tax or supplier such as EDF, SFR, Orange, Free etc.
Finally he could also use your website as a starting point to attack another larger website or a company with very targeted attacks. The goal is not to get caught when the police will go back to the source of the attack. And I give it to you the source, it will be you. And you will have to prove that it is not you who are at the origin of the attack ... Not always complicated to prove however, but always lost time.
With this last scenario we could see a little further. I hack your site to attack me while I am your competitor and I will sue you for piracy. Pulled by the hair ? Not that much.

So, still convinced that you are not at risk?

I think you understand that even if for you there is no interest for a hacker to attack your website, he will always find several . And each time it will cause you a prejudice that can be important, in terms of image and therefore turnover.
Because to build one's corporate image is long and complicated, but losing it is very fast.

No comments:

Post a Comment