04/19/2012

Should You Worry About Someone Hacking Your Website?

With recent high-profile arrests of computer hackers across the world, perhaps we should all be doing more to understand this activity. After all, a computer hacker has the potential to take down your website and your business. So is it something you should be worried about? And why do people hack in the first place?

Let's start by challenging perceptions about computer hackers. We all imagine they're clever but troubled teenagers, plotting away in dark bedrooms. But this is not the reality. Yes, hackers tend to be younger (those that have grown up with computers), but they also come from all walks of life and have widely different motivations.

So what motivates a hacker?

  • For the challenge or the thrill
  • To show the weaknesses in a system
  • To push the boundaries of technology
  • To steal money or hide criminal activity
  • To expose wrongdoing
  • To be a nuisance or for notoriety
  • Revenge for a past wrong
  • To prevent or start a war
  • And many other things...

As you can see the motivation is sometimes for good and sometimes for evil. So grouping all hackers into one category is not a helpful exercise. Let's leave the good soldiers alone for a minute, those hackers that are trying to expose wrong doing and shine a light on nefarious practices. Let's think more about the bad guys, they're the ones to worry about after all.

Can a hacker bring down your website?

Well, the security of your website and business systems is of course important. But usually the kind of hacking and cyber attacks that you read about in the press are not really a huge concern for you. Yes, a bad virus or piece of malware could be released by a hacker and it could cause you all sorts of trouble. But you can protect against these.

In reality, the majority of hackers do it for fun, as a challenge or to target high profile organizations like multinationals and governments. Very rarely are they concerned with attacking private individuals. But with that said, e-commerce sites are far more attractive to criminal hackers than a standard website because of the opportunity for credit card fraud. So protecting yourself and your customers is vital if you ever expect anyone to trust you.

The likely forms of attack you could experience are:

  • Distributed Denial of Service (DDoS) attacks - this is where a hacker uses lots of poorly secured systems to act as accomplices, flooding a network with requests from many different computers at the same time. The network under attack crashes or is forced to shut.
  • Trojan Horses - this is malicious software disguised as something else. It allows hackers to create a door into your system to perform other tasks, or to recruit your computer to become a part of a DDoS attack.
  • Viruses - a virus replicates itself and spreads to other points on a network. It's a very common form of attack and one that you're most likely to need to protect against.
  • Worms - a worm is a bit different. It's a kind of combination of a virus and a DDoS attack. It will secretly use up your resources until it eventually overloads your system and causes it to crash or be shut down.

When hacking hits the press

A recent high profile commercial cyber attack was on the media giant Sony. Its playstation network was hacked in April 2011 and the personal details of over 77 million gamers were compromised. It was a huge PR embarrassment for the multinational. It created huge doubts as to the ability of the company to protect its customer's personal data.

In some ways you feel for these companies. Cyber crime is becoming increasingly sophisticated and they're in a constant battle to stay ahead of the hackers. In fact, it's hard to see how this problem will ever go away. A better weapon means a better shield and a better shield means a better weapon, and so on.

For peace of mind, get protected

The irony about your system is that it's probably too insignificant and too easy to hack for the most skillful or malicious of hackers. The truth is anyone connected to the internet is vulnerable to attack. But you can take some consolation that you're just not a juicy enough target.

But should you be worried? Yes, you should. You should be protecting yourself from the types of attacks we've discussed (using appropriate security tools) and giving cyber security serious consideration.

After all, you work so hard to get your website up and running well, it would be a shame for someone else to take you down.