- Employee awareness
- 6 min read
Below is a guest article submission from the good folks over at Seirim, a Shanghai-based premier web design agency – who wanted to share some security tips for all professionals responsible for the security of their business and website.
The times when hacking incidents were few and far between and only occurred in big companies are long over. In the modern era, even small or medium-sized companies have become lucrative targets for hackers. In fact, it the cost of cybercrime for companies worldwide is set to shoot up from $3 trillion in 2015 to $10.5 trillion by 2025. In commercial zones everywhere including London, Brussels, New York and Shanghai, cyber security has been an important topic of discussion, especially as businesses are integrating much of their functions online.
Unfortunately, modern website managers and companies often discover the problem when it is already too late. To make things clearer, we have put together a list of some tell-tale signs that your website is hacked.
The company website or the browser you are using may show signals of suspicious activities or warning screens which indicate the presence of a phishing attack. Phishing attacks are social engineering scams where a dishonest actor impersonates a legitimate company or organisation via advertisements, texts, or email messages. They attempt to steal social security numbers, credit card information, personal information, or bank account information. When such a situation occurs, you must first:
It is vital employees and organisations are aware of potential phishing attempts as it remains one of the most common types of cyber attacks. In fact, since March 2020 alone, 81% of organisations have encountered a phishing attack in some shape or form.
Search engines like Google are continuously checking websites that they include in their search results. Google may exclude a website from being included in the search results if they detect any unusual patterns or noteworthy changes.
In specific instances, Google may flag links with a message such as “This site may harm your computer” or “This site may be hacked.”
This makes it necessary for website owners to regularly look at their Google Search console or search for the website. This allows them to find unattractive links before customers, business partners, service providers or suppliers do.
If a website is taking longer than usual to load, it may be a sign that there is higher activity on the whole server. Often, this occurs when malware uses up all of a server’s resources. So, when encountering such a problem, one should always conduct a detailed check on the server for any malicious activity or harmful software.
A slow website is a major issue that needs to be rectified as soon as possible as data from LoadStorm and eConsultancy reveals that even a 1 second delay in browsing reduces user satisfaction by 16%! If your website is taking 5 seconds or more to load, your website may be compromised in some way.
Companies may find that the number of respondents to the latest newsletter is uncommonly low. A common reason for this is when the emails are sent to the customer’s spam folder. Hackers can send lists of spam emails using a company's website. When this happens, the email provider can blacklist the website which will cause emails sent from the website to be sent directly to spam. To counteract this, one needs to stay aware of your mailing metrics and regularly clean email lists.
AWeber recommends that every organisation using email lists, should clean them every six months to prevent spammers from maliciously using your company.
Hosting providers are one of the first entities that notice that a site has been hacked. They are usually contacted by customers who alert them of the problem or get detected by the company’s own IT security service monitoring. Unfortunately, they can take a site offline without any prior warning.
A site going down without the knowledge of the owner can destroy both ends of a company’s value chain – the customers and the service providers. Thus, companies should contact their service provider and inform their users as soon as they notice that their site is offline.
You may notice some strange-looking, cryptic looking or obfuscated JavaScript code in the company’s web page source. It may be used to steal sensitive customer information such as passwords and credit card information. It may also be used to redirect prospective and existing customers to other malicious advertisements, pop-ups, and websites.
A recent study from Northeastern University on JavaScript use in web development analysed over 133,000 websites and found vulnerabilities in more than 37% of them. The study found that third-party modules such as advertising plug-ins, trackers and social media widgets have often been used trojan horses to compromise backend JavaScript.
It may so happen that you find new admin users, database users or FTP user accounts. This is a strong sign that the website might be hacked. Hackers tend to leave behind privileged accounts to keep accessing a particular website or server.
Another sign of hacking is when core system files have recently been modified. When this happens, system administrators should compare the files to earlier versions to detect the modifications. Hackers commonly tend to modify these files to insert malicious codes, send spam emails or create back-door entries. Some of the unusual formats you may find include .php, .aspx .py and others.
There a few things you should do if you suspect that your website has been hacked. To make things easier for you, we've made a handy list of steps to take if you have been cyber breached:
Hacking incidents and data breaches have become common with the expansion of digitization in the modern age. Companies are thus trying to allocate more financial resources towards cyber security. There are cheap and easy-to-use security software solutions that can be used to monitor a website continuously. Alternatively, companies can also partner with companies specialising in cyber security that have all the protocols in place to thwart future attacks.
Thank you to Seirim for this week's guest submission to The Insider, visit them here.
If you would like more information about how The Security Company can help deliver security awareness training for your employees or how we can run a behavioural research survey to pinpoint gaps in your security culture, please contact Jenny Mandley.
© The Security Company (International) Limited 2023
Office One, 1 Coldbath Square, London, EC1R 5HL, UK
Company registration No: 3703393
VAT No: 385 8337 51