Hacking can be defined as any technical effort to manipulate the normal behaviour of network connections and connected systems. A hacker is any person engaged in hacking. The term “hacking” historically referred to constructive, clever technical work that was not necessarily related to computer systems. Today, however, hacking and hackers are most commonly associated with malicious programming attacks on the Internet and social networks like Facebook, Twitter, LinkedIN etc.
Hacking on computer networks is often done through scripts or other network programming. These programs generally manipulate data passing through a network connection in ways designed to obtain more information about how the targeted system works. Many such pre-packaged scripts are posted on the Internet for anyone, typically entry-level hackers, to use.
More advanced hackers may study and modify these scripts to develop new methods. A few highly skilled hackers work for commercial firms whose job is to protect some software and data from outside hacking.
Cracking techniques on networks include creating worms, initiating denial of service (DoS) attacks, or in establishing unauthorized remote access connections to a device. So what should you do if your website is hacked? Here are some things you need to know.
Being hacked is a little like entering your home or office and finding it burgled. And just like that scenario, when you discover that your website is under attack, the hacker could still be lurking. “If you recognize your website has been hacked, the first thing to do is have your hosting provider suspend your site immediately so the hacker or attacker can’t continue to leverage your website to distribute malicious software or steal sensitive data.
Determine the scope of the damage
After the initial shock wears off—but hopefully before emotions, like rage, settle in— you need to take stock of what the hacker has done. You can’t possibly figure out what your next step will be until you understand what the hacker’s goal is. Are they just trying to make you look bad, by defacing the website, or did they manage to steal credit- and debit-card information?
Hackers may be looking for easy access to gain e-mail lists. Meaning the hackers may have been after a free and easy way to build up their methods of spamming people. And if they did get into your customers’ financial records, that, of course, is a much more serious problem.
Online experts advise that if you’ve been hacked, you’ve been hacked. Don’t hide it—not from your vendors, not from your staff, and especially not from your customers. They are smart and will understand that you are also a victim.
First, backup your site. Even though the site is hacked, you want to have a backup in case you have to undo any of the clean up steps, and have a fresh start at cleaning up.
If your site is based on WordPress, BlogSpot, or any other database-driven method, be sure to include a backup of the database as well as the files in your HTML directory structure.
Second, if any of the hacked areas include defaces or other visible clues (or even in your face writings), then take screen shots of those areas. Basically, you want to document what you know about your site being hacked.
Third, contact your hosting provider technical support, giving them as much information as you have along with any screen shots and notes you’ve taken to date.
If your hosting provider cares about you as a person, and cares about your site, they will do what they can to help you clean up from the hack(s) on your site. Depending on how quickly they are told, they might be able to review server log files to identify how the hacker(s) gained access and when such access was gained.
Some hosting providers do have the right to charge for clean up per their terms of service; prior to asking them to do any work, ask them if their help in the case you are facing will be done freely. If yes, move forward; if not, then find out the charges involved and make a decision as to how much you need their help.
In any event, you should still notify your hosting provider so they know you know; AND, that the intent is to clean up the site as quickly as possible.
The main reason you want this notification (even if you are going to clean up the site yourself, or use another party) to the hosting provider is to ease any effort the hosting provider might make against you if they receive pressure to shut down your site.
Fourth, if you are unsure of how long the cleanup will take, put your site in maintenance mode so your site is not infecting others.
Fifth, scan any device (mobile, PC, etc.) you or any authorized person who has access to the site for virus and spyware. Anti-virus software will often not find any malware, and anti-malware software will often not find any virus. You need to run two different scans — one for viruses using an anti-virus program; and another for malware using an anti-malware program.
Additional information from bing.com*
No comments:
Post a Comment