Why does my site get hacked?

If your site gets hacked, its generally not personal, although it can feel that way, and be incredibly frustrating. And it can still be a lot of work to recover it.

Its not because they like (or hate) you, usually. Its more common that automated processes search and find your site and probe to see if it is vulnerable. Only in a small number of cases will someone seek out your site to attack.

Some hacks are for ‘bragging rights’ – hackers try to gain respect by inserting their own name/insignia on many sites and try to gain respect from their peers. Those kinds of hacks are usually obvious because pages are changed and the changes are visible.

But much more common, is the hack for financial gain. This gain might come by using your site to point to spammy sites or to ‘poison’ google’s search results, elevating the ranking of 3rd party sites or for selling junk medication. But it may be more nefarious – installing fake banking sites hidden under your site, or using your webserver resources to send email or attack a 3rd party site.

Many of these hacks are much more beneficial to the hacker if you never find out about them, so it may not be obvious that your site has been hacked. In these cases the site may be used as part of a network of tens of thousands of hacked sites which all play a small part in, say, a Denial of Service attack on another site as part of an extortion attempt. Or your site may be used as a springboard to target the hacking of other similar sites by hosting hidden code.

Unbeknown to most website owners, thousands of automated hacking attempts are happening at any time. Many are unsuccessful and are hoping for ‘low hanging fruit’ – sites that have old vulnerable components that have a known and easily found weakness. Or user login details that are easy to crack.

So, if you own or run a website, make sure you are not part of the easy pickings – understand the ways to keep your site secure and up to date and make sure you have backups in case the worst happens.