Cybersecurity: What to Do if Your Site Is Hacked
Cyberattacks on websites continue to grow in frequency and sophistication. The IG Webs blog briefly looks at the appropriate response to cyberattacks and the steps to prevent them from occurring.
Determine the Extent of the Attack
Temporarily take the site offline to protect users. Leaving your site up following a cyberattack could hurt your company’s reputation because it puts your users at risk. While the site is off-line, you can assess the nature and extent of the cyberattack on your site.
Use a malware scanner to determine the nature of the attack. Running a scan of your site can help determine the breach point—the first files infected. Once the scan identifies the files, assess the source code and find the snippets injected into your site by attackers.
If you don’t have a malware scanner, you can use the Wayback Machine to assess past versions of your site to determine the point of infection. In some cases, you may see signs that the source code has been tampered with. If the hackers used a cloaking technique to hide their code, you could use Google’s Hacked Sites Troubleshooter resource to identify it.
If your site handles payment card data and you’re concerned that your users’ data may be at risk, contact the Payment Card Industry Security Standards Council and seek its guidance on the appropriate response to cardholder data breaches. This is also a good time to seek legal advice.
Restore the Site
Depending on the nature and extent of the cyberattack, have your IT department clean up the site and get it up and running as soon as possible. Some companies have IT teams with the expertise and experience to carry out comprehensive assessments and restorations of the website. Small and medium-sized businesses may have to outsource the work.
Zenbusiness discusses how a good backup system can ensure you can quickly restore your site. If you don’t have a clean backup of your website, you may have to rebuild it from scratch. Going forward, you need to create periodic backups of your site. Services such as CodeGuard let you make automatic backups you can restore in a single click. They also feature malware scanners and security alerts for changes in your site’s source code.
Prevent Future Attacks
Once your site is up and running, take steps to prevent the same attack from happening again by clocking breach points and patching vulnerabilities. Run comprehensive malware and vulnerability scans on the restored website. Implement a patch policy that ensures all the software your site uses is always up to date.
Update all the log-in credentials for your site to block the attackers from accessing it. It may not be possible to determine which log-in credentials were compromised, so it’s advisable to change them all, including the log-in details for your web hosting, email, CMS, and database accounts.
Cybersecurity experts recommend making your passwords stronger by including numbers, special characters, lowercase/uppercase letters, and multiple characters (more than 15). The best way to create and store these passwords is by using an enterprise password management service.
Secure Your Site
Putting in place robust prevention measures is the best approach to dealing with cyberattacks. However, if an attack occurs, it’s best to take down the site and assess the extent of the damage to protect your business and customers.
Looking to create a fully functional and secure website for your business? Learn more about IG Webs’ offerings.
IG Webs – Web Design, SEO Content Services, Website Management & More! Give Us a Call for A Free Quote Today!
We provide responsive websites, mobile websites and website management from start-ups to medium large businesses across the nation. At IG Webs, success means a website that presents the client’s business and ideas in an interesting and effective manner. Website Design, Local Marketing, SEO Content Services, Website Management, E-Commerce and more! Call us today or use our free quote form – Allow us to quote you a price and get started on your project. You’ll be glad you did!