Part 1: What you need to know about hacked websites

Written on 10 December, 2012 by Verity Meagher
Categories Web HostingTags hackedsecurity

When developing a website for your business, it is important to remember that your website is never safe and is prone to being hacked. Although there are billions of websites on the Internet many assume that they have a small to zero chance of being hacked - this is not the case.

There are a lot of hackers out there and targets can be random. An attack can occur anywhere, anytime and there are lots of different types of website hacks. Hacks can be malicious or the hacks can just be as simple as changing the text on your front page. Generally speaking, there are two broad ways hacking events are classified - uncontained and contained.

Uncontained hacks

In the first instance, an uncontained event is rare and occurs when an un-authorised person has exploited the server via some kind of vulnerability and has gained some level of access to your website. For that access to be destructive, they need to have gained sufficient privileges in order to be able to write data to where the shared customers information is stored. If they have gone through the trouble to gain this kind of access they are looking at doing maximum damage to as many sites as possible. They do this by writing a script that looks for every file called ‘index’ and inserts the damaging contents onto those files or alternatively, they may simply delete all the customer data with a few very powerful commands.

In this situation, the security flaw is at the server level and failure to protect the server falls to the hosting provider. In a best-case scenario the hosting provider will have back-ups that they can re-upload while they work on identifying how the hack occurred.

Contained hacks

The more common type of hack is the contained hack, which many business owners experience. It is when the hacker it exploits a vulnerability in an application that you or your designer/developer has installed onto the server. Most hacks are simply a numbers game, they start off with someone downloading a script off the internet followed by a need for a list of targets to run the exploit against, for which it can be targeted or untargeted.

As a hosting provider, Netregistry does weekly scans to identify exploited customer websites. If we identify that your website has been compromised we will suspend the hacked account to ensure the damage is limited as to protect your website and make sure that it does not affect other users on the same environment. At the same time, we will contact you via email with a brief reference guide of what to do to fix your affected site along with our contact details so you can discuss the issue further.

We are always happy to point you in the right direction and give some general advice, including helpful materials to ensure you are on the right path to protect your online business. For more in-depth information we recommend downloading the full e-book on "Help my website has been hacked! And other bad things".

Netregistry has a technical team equipped with the knowledge and expertise to help limit the damage caused by these types of attacks, with a number of procedures and protocols in place to ensure a smooth recovery. If you have a website hosted with Netregistry and think your website has been hacked please contact us on 1300 638 734.