This ominous question may not have any simple answers. Hacks can be very tricky, subtle, and often unnoticed for years. The big hack of Yahoo, for example, is a classic case. The damage to both Yahoo and its clients was significant, costly, and time-expensive in many ways.
Let’s first describe what a hack to a business site really involves. There are some classic symptoms of whether your site has been hacked:
- A slow or unresponsive website.
- The notorious red browser screen showing your site contains malware and it probably does. (If you see this screen, be extremely careful. Don’t open anything, and call a security expert immediately.)
- A completely different website is displayed.
- Strange codes on your website, if you can spot them. (Codes can cause odd glitches on the site. Be highly suspicious of anything that isn’t working as it should.)
- Admin may look the same, but you may or may not be able to do anything with it. Some older websites might be very clunky, but don’t take it for granted there’s not more to it.
- The site crashes when opened. This is just plain wrong, and has to be addressed, but sites crash for a reason, and external interference has to be considered a likely cause.
All business are at risk of hacking
In Australia, business hacking attempts are a true plague on all types of business, big and small. The grim fact is that cyberattacks on businesses are constant, 24/7 risks. Hackers are opportunists, and essentially thieves. They use bots and cracking technologies to break in to websites of all kinds, from hospitals to small online businesses. A simple click can start a hacking attack.
Hackers attack from anywhere and everywhere. You may find your bank asking you if you’ve been doing business in some remote country in Africa, for example. The only real common factor is website security weaknesses, often cause by out-of-date security or simple mistakes in website security. These weaknesses are found and exploited routinely.
How hacking hits to the bottom line
This truly horrible picture isn’t quite the whole story. Not all hacks are so blatant. Security breaches can leech personal information of the business and its users. Malware can be loaded onto the site which functions in the background. Banking and other details can be stolen.
Risks to businesses can’t be overstated. These risks may include anything from identity theft to cleaning out bank deposits, attacks on related businesses, and more. The net effect can be an expensive, draining, and highly destructive effect on both your business and your online presence. There may also be legal liabilities, depending on the situation and who’s affected.
The most common risks are financial. Hackers will use any opportunity to steal money. Fortunately, banks are well aware of the risks, and SSL security is usually a good block to attempted theft, but sometimes accounts are hacked even despite these strong security measures.
What do you do if you think you’ve been hacked?
Any suspicion of possible security breaches should be followed up ASAP with a quick call to your security service. If something looks wrong, or strange, there probably is a security issue. If there’s anything at all on your site you didn’t put there, there definitely is a problem.
This is a case when healthy paranoia is the best option. Nobody will say you’re worrying about nothing. Hacking is one of the most common problems for businesses and all security experts will understand and sympathise.
The other measures you can take are both practical and reassuring:
- Get your ISP to provide security additions like the https prefix indicating your site is secure.
- Ensure you have technical support available at all times, 24/7. This can be done with a phone call, and at a good market price if you get specialist services.
- Maintain your website admin diligently. Whether you do your admin in-house or through a third party, you can usually spot possible issues.
Typical issues can include:
- Unusual big spikes in user numbers: Bots tend to consume a lot of user space, for no obvious reason. They don’t do business; they just show up in your statistics. User numbers may look ridiculously high because there are so many more than usual.
- Forum comments with links to dubious sites or built-in malware. Obvious, yes, but also possibly dangerous. These users should be blocked, ASAP.
- Dashboard information: Do you have a lot of users with the same or similar IPs or coming from the same place? Places like Russia, the US, or other countries with reputations for serious hacking? That’s a sign of a classic botnet. Do not ignore this threat. The unusual level of interest in your site is a clear warning.
Yes, your website does need expert security
If you’re a mid-range business or growing smaller business, investing in security is a good professional move. The effects of hacking can be truly heartbreaking, as well as destructive and staggeringly expensive.
Loss of business alone can truly damage a business and its reputation. Modern businesses now expect proper online security to be in place. In B2B terms, it’s a mutual obligation, usually unstated, but important. A hack can destroy a good business relationship, so be aware of your security obligations.
If you do direct business or conduct any kind of transaction onsite, top quality security is absolutely critical. If you don’t have a security service, you need to set up your security, right now. Hackers don’t wait for opportunities. Just pick up the phone and get moving. You’ll be glad you did.
Looking for some help with your security?
MaxIT is your instant all-round solution if you’re an Australian business looking for top-of-the-line security, We help all types of businesses, from major corporations to startups. We provide 24/7 support, friendly practical help, and a full spectrum of scalable services to meet your budget as well as your security needs. Our experts are here to solve problems and keep you safe, so give us a call.