16 Jun We Just Got Hacked!
It was just like any other day, until we walked back into our office after lunch and started working on our various projects. We had been overloaded with work that morning, having had little time to focus on our own internal projects, like our website. Out of the blue, we received an email from our web hosting provider that our website and server had been compromised by a remote hacker and that they had disabled public access to our site. In other words, the website was down and no one could get in, even us. We just got hacked! Even one of Microsoft’s websites got hacked! The hosting provider indicated that several other WordPress websites had suffered the same attack and in order to gain access, we would need to contact them for special IP specific access. We were told that once WE had cleared up the mess the hacker left, we could contact the hosting provider and they would audit the website to hopefully get it back online.
At first, there was a tremendous amount of anger. Questions like “How did they get in?”, “Are our clients safe?”, and “Who would do this?” were being asked with no answers being given due to the lack of information. We had no idea on how they could have gotten in. The only commonality between all the hacked websites was that they were all WordPress sites. In order to find out, we stopped everything we were working on and began investigating the problem. We had neglected our own website to focus on other projects, and in return, we put ourselves at risk. The worst possible thing that could happen, did happen.
We knew what we had to do and began working immediately on securing our server. Luckily, we had a plan set in place and the available expertise to help us recover from this type of disaster. Most people don’t know what to do and don’t have a plan, which causes the problem to only get worse and gives the hacker more time to wreak havoc and gain more information.
During our investigation on the hack, we found that our website was hacked by a group who calls themselves “Moroccan Secret Agent”. Fortunately, they only used our website to display a political message. Sadly, this isn’t always the case for most website hacks. A more common practice for hackers is to attack websites in order to obtain people’s private data, such as emails, usernames, passwords, addresses, payment information and various other private details.
The hackers had performed another common practice on our website, which was to put malicious files on our server that would allow them access to our entire server any time they wanted without our authorization or knowledge. These files are a huge security risk and were scattered throughout our server, hidden in various folders throughout the website just to keep us from finding them. Because we were prepared for such an attack, finding the malicious files throughout the thousands of folders we have on our website only took a short period of time. Imagine if your website was attacked. Do you know what files to look for and where to look for them?
Because of this, we knew that we had to hunt down the files. While most people would have to spend hours looking through their entire server for any malicious files, we have an automated program to do this for us that speeds up the process. We also found that the hacker gained access to our blog database. But as far as we know, nothing was done with it we don’t keep private information stored in the database as a security precaution. Do you store potentially damaging information on you or your customers?
As mentioned before, this is not always the case. A case in point was when over 1 billion passwords were taken by Russian hackers. The hackers stole databases, trying to get people’s usernames and passwords to use at banking institutions. Luckily this did not happen to us, because we would not have known about the hack until it was too late. These types of hackers tend to leave the website untouched, but are secretly collecting information without you knowing it.
After we finished cleaning up the hack, we looked back and thought about what happened. We realized that not only did we need to have a better system in place to protect us against attacks like this in the future, but also provide a better system for our clients websites. We found out very quickly by asking a number of clients and non-clients some questions about their own security, update and backup service. 100% of then had nothing in place.
We found that most people don’t take care of their website, they don’t have the knowledge or the time to devote to it, or it just slips their mind like it did with us. Most people think, naively I may add, that it won’t happen to them!
Having suffered what in our case was a minor hack, it could have been a potentially catastrophic event. Adding more layers of security and devoting a lot more time to the updating and backup of our WordPress website, had to be a top priority. Our investigation led us to a better understanding of the complexities of internet security, WordPress, plugins, theme updates and backups. To the point that we felt we needed to develop a better solution to handle the daily requirements a website needs, not only for ourselves, but for everyone that needs it.
So WPProtectors was born.
Nothing is ever 100% secure. However, we now have a system that protects us against hackers and malware, updates our plugins and themes when needed and we perform perform backups of our website and database on a specific schedule. Our program now gives us the confidence to concentrate on our clients work and not worry about how will be hacked in the future.
Your website needs to be a safe and secure place, not only for you, but for your current clients and potential leads in the future. If you don’t have the time to take care of it yourself or don’t know how to, you’ll need someone to do it for you. You’ll need someone to monitor your website constantly to make sure everything is functional, keep the hackers out, and keep your private data safe.