Since October was CYBERSECURITY AWARENESS MONTH, here is a similar topic that we all need to learn about -> Web Security. Website security is any action taken to ensure website data is not exposed to cybercriminals or to prevent exploitation of the website in any way. These actions help to protect sensitive data, hardware, and software within a website from the various types of attacks that currently exist.
What are some types of web hacks?
1. Cross Site Hacks (Scripting XSS) - Cross site hacks occur when someone injects malicious Javascript code into your website using one of the website user’s browsers. A hacker will gain access through your insecure WordPress admin area or more likely via your insecure host account / FTP and take control of the website or spread malware.
1a. Inserting a Script (Similar to Cross Site Hacks) - A hacker will insert a script that will allow them to spoof organic search results. Whenever the host site is hit the hacker’s site receives the credit.
2. SQL / Code Injection - (Most common technique) Hackers utilizes malicious SQL code to gain access to your website’s backend. This could include customer information, phone #s, credit card info, etc.
3. DNS Spoofing - Domain Name System includes taking a user’s search to a dangerous website instead of the intended website. It is often used to send traffic from legitimate websites to malicious websites that contain malware. This can occur if your PW to GoDaddy / Network Solutions is insecure.
4. Business Reputation Damage - Cyber attacks resulting in severe damage to your business’s reputation or an extended period of traffic loss can seriously hurt your profits.
5. DOS ( Denial of Service ) - A denial of service attack floods a website with a huge amount of Internet traffic, causing its servers to become overwhelmed and crash.
6. Phishing or Baiting or Pretexting - These are techniques used in emails that can easily do MANY bad things to your computer, but not usually your web site. Education is the answer!
7. WordPress Plugin Vulnerabilities - These are tools w/in WordPress with many variations. Plugins are considered as the most vulnerable parts of a website. Any outdated or unsecured third-party plugins can be exploited by attackers to take control of your website or bring it down altogether.
8. Brute Force Attacks - With a brute force attack, hackers try a variety of passwords in hopes they can get one that lets them inside.