• Home
  • |
  • Blog
  • |
  • Why small business websites get hacked

Why small business websites get hacked

June 3, 2020

Over 33,000 websites get hacked each day.

Most business owners we talk to are aware that things like this happen but aren’t totally sure why a hacker would want to access their website. Even if you don’t have an ecommerce site, a hacker may still attempt to get access? Why? Consider this analogy….

We live in a very safe neighborhood, but last year we had a string of break-ins of vehicles sitting in people’s driveways. No cars were damaged, but items were stolen. Turns out it was several teenagers walking driveway to driveway just checking door handles. If a car was left unlocked, they would rummage the contents for anything of value. That’s what hackers do. They’re just checking the doors and windows of your website to see if anything will allow them easy access.

But a hacker doesn’t just try one door at a time. They have software that will scan the web for them looking for open doors and windows. It would be like the hacker pressing a button and automatically checking all the doors and windows in the neighborhood at once. Hackers create little programs that scan the Internet looking for website vulnerabilities. When they find an open door, they’re programmed to automatically infect the website and then report back their success to the hacker, who will likely have hundreds of vulnerabilities to exploit at once.

“But why would someone do this? What value is my little site to them?”

Typically, the hacker isn’t after your site individually, you’re just one of a million sites they are trying to exploit. Why?

  • Server resources - If hackers can compromise your website, they can use server resources to run complex calculations to create digital currency like Bitcoin.
  • Spam - The server can also be harnessed to send millions of spam emails anonymously.
  • Content injection - Hackers can add text and image links to products and sites you probably don’t want to advertise.
  • Malware - Hackers can add code that will exploit vulnerabilities on your visitor’s computers from old web browsers, operating systems, and software like java and flash. Once exposed, your visitors could have their computers compromised with keyloggers, malware and ransomware. Nasty stuff.

Preventing access

We’re not trying to scare you with this information. We are just trying to underline the importance of proper website maintenance. WordPress is the most popular website building platform today and studies suggest that close to 1/2 of all WordPress websites are out of date. Keeping your website platform up to date is one of your best defenses against hackers. Other things you can do:

  • Keep your computer protected - A common way that websites become compromised is through keylogging programs that are installed on an infected computer. All computers you use to access your website admin should have updated security software, use current web browsers and keep the operating system patched and updated.
  • Use a strong and unique password – Your password used to access your site should be unique and strong. If you use the same password for multiple access points, if that gets compromised a hacker can now log into every site where you have an account that uses that password. A great resource to see if your email and password combination has been compromised is https://haveibeenpwned.com

What does website maintenance have to do with hackers?

Everything. Keeping your site up to date with routine maintenance on your WordPress core application and plugins is essential to keeping your site secure. Just like your computer and phone update the operating system regularly, so does your website application.

Maintenance Plans

We offer WordPress maintenance plans that bring peace of mind to those using WordPress to power their website. Each week, we take a backup of your site and apply any available updates. Then we routinely test the update to make sure that everything is still working as expected. We also add in an SSL certificate so that all communication between your website and the users is encrypted.

If you have a WordPress website and aren’t sure if it has been updated, let us know. We’ll gladly take a look and let you know what needs to be done to increase the security of the site.

Contact Us for more information!

Related Posts

About the author

Patrice has over 18 years experience in sales, marketing, business development, and project management. Coupled with excellent interpersonal development and creative problem solving skills Patrice leads the sales and marketing efforts at ProFusion. Patrice loves helping small businesses grow! Email her at patrice@profusionwebsolutions.com

{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}