Hacking
How do I protect myself?

Why is there so much hacking going on? Hacking into websites for the purpose of setting up web-based applications from which to conduct criminal activities has become a mayor industry on the world wide web due to a huge demand by the criminals for server access which cannot be traced back to a fixed address or person. And because police forces either don't have the mandate or the resources to police this type of cross border activity, this industry is growing at an incredible rate. And because illegal server access is often terminated as soon as site owners or data centres detect it, there is an ongoing demand for new hacked account access. What is hacking? Hacking is unauthorised use of a computer or network resource. A hacker used to be someone who was seen to be a very skilled programmer. But now (2011), a hacker generally is assumed to be a criminal, although there are skilled programmers who offer their services in order to probe networks and systems for security holes. They too are hackers, but they have permission to break into systems to test for vulnerability and are not referred to as hackers. It is not just the good guy who builds the nice browser we use, who is a clever programmer. The bad guy who builds hacking software is equally clever. It is also not uncommon for a good guy to join the bad guys because the pay is much better. Why do sites get hacked? In the old days, website hacking generally just consisted of changing web page content, in most cases. Hackers were showing off their skills to each other. But as Internet crime grew into an industry, the demand for anonymous server access from which the fraudsters can set up their criminal activities grew too. The requirement for hosting accounts who's mail servers can be used to mail out spam is the main motive for hacking into website accounts. The reason behind this is that if a hacker purchases a legitimate hosting account for the sole purpose of sending out spam, the webhost will delete the account as soon as it finds out this user is spamming from their servers, because spamming does not only place enormous loads on a shared server which will slow down all the other websites hosted on it and degrade their hosting service, but it often also results in the webhost having his IPs blacklisted. The spammer may also be taken to court by the host for breach of contract. However, the spammer could simply purchase another hosting account, but this account will also get deleted very quickly with maybe even more court action against him. It can get very expensive if a spammer has to purchase a new hosting account twice a day, not to mention all the time he has to spend in court. And, if the spam he is sending out is to sell fake Viagra or some other illegal scam, the police may also be knocking on his door. Therefore, ideal hosting access for a spammer who is committing online fraud is from a server who's owner does not know his name or address. That's why hacking is such a huge business. Most hackers do not send out spam, they just sell access to hacked accounts to the spammers. But spamming is not the only reason for the requirement of hosting accounts. Phishing is now also a huge activity. The way it works is the criminal sets up a web page to look just like the login page of an online bank. Even if you looked at the domain name for the fake login page url, it would look authentic, for example http://www.PayPal.com.loginpage_03928834322_0393943-blah-blah.x9internet.com It is basically a domain name with lots of sub sections in font of it and the url is so long that you don't get to see the actual domain name, x9internet in this example, as it is off the screen on the right. What you do see clearly is the beginning which starts with www.bank-name, so it looks trusting. Then they email millions of folks and the naive ones, or newbies, who also happen to bank with that bank, may "log in" with their username and password, only to find later that the bank must have "made a mistake" because all their money is gone! Some hackers also carry out the actual criminal activity, and those ones are harder to spot because they trickle out their spam in order to not get detected, at least not for a while. But most hackers simply just sell access to sites which they hacked. How do sites get hacked? Some hosting companies will say hacking is caused by insecure or incorrectly configured servers and will use this line to lure your business away from your current host. In the old days, a hacker would have spent many hours guessing username and password combinations. But now the hackers have access to software, thanks to the clever programmers who built these tools for them. Once a criminal latches onto a server which does not kick them off after five incorrect guesses, the software can guess billions of username/password combinations, and they don't even need a list of passwords, the software just makes them up as it goes along. If your password is molly, because it is the name of your cat and you can easily remember this password, get ready to have your hosting account hacked (if it hasn't already been hacked without you knowing). But trying to find a server which will not kick the criminal off after five guesses and then having to wait for hours while his hacking software tries to hack an account, can get rather boring and programmers are therefore constantly looking for new hacking methods which will grow their hacking business. For example: You may remember the Microsoft Internet Explorer issue from 2010, when Germany's Federal Office for Information Security advised their population not to use any version of the Internet Explorer browser. France and Australia did so too, shortly after. The clever hackers discovered a hole in the browser and by creating popular websites, such as free download sites, innocent visitors arrived in their IE browsers and as the page loaded, a clever little bug jumped onto their PC from the website. One such bug, Aurora, allowed the hacker access to companies' internal systems. Another type of bug looks up their ftp login details as well as the password, because most folks are lazy and just save the password in the program, because it is so much easier. These login details are then mailed to the criminal who installs scripts on the victim's hosting account. These scripts are operated remotely by logging into a url, such as www.yourdomain.com/images/3gif/temp/scamming-page.php and even if you change your ftp password, those hackers who already have their scripts installed, will stay there until the account is disabled by the data centre when it detects elevated activity or when abuse is reported to it. The most common type of hack is to make interesting applications available as a free download. Or a "developer" may offer a free Wordpress plugin or Gallery addon or something which will work with Joomla and all of these would be pre-infected by the "vendor" and will allow access to your hosting account by the criminals. This type of hack is really nasty because it connects malware to a domain name. When your webhost finds out your website was compromised, it will be disabled. This may annoy you and if you are not prepared to put effort and time into starting the site from scratch again, and you think it's easier to simply sign up with a new host and upload your backup, then you may get a surprise. Because if your backup already contains the malware, all the criminals with their bank phishing sites, fake Viagra pills sales page and other illegal fraud applications, just move along with you to your new host. How can I help prevent my site from getting hacked and having to go through the trouble of creating my website from scratch again when it got hacked? Choose a strong password and keep it safe I good password which is also easy to remember is your mobile phone number combined with your car registration and followed by a question mark for the first login and perhaps the exclamation mark for a second login, and so on. Keep your software scripts up to date Installing Wordpress or Joomla and just let it run on its own is a guaranteed way to invite the hackers. Always check and install updates, patches and new versions. If you are running a CMS or forum, avoid random plugins and only download plugins from websites which you trust. Keep your PC virus free A large amount of criminals gain access to your hosing account via a Trojan, Virus or Key Logger which was planted on your PC when you visited a seemingly innocent website, created by the hackers. Internet Explorer users have been exploited in this way. Macintosh users don't have this problem. Use 777 permissions for folders with extreme caution Assigning this permission to a file or folder is like leaving your front door key under your font door mat. Scripts which were written with security in mind, will still function when you assign 755 to files and folders to which the script needs to write data. Backup your website By backing up your entire site regularly and saving all recent recent backups, data loss will be kept to a minimum with only minor work required to rebuild your website on a cleaned hosting account. Unless you have purchased a separate backup service for your hosting account, a hosting company is not responsible for your data. Don't place blame elsewhere When your site gets hacked, submitting a support ticket to get your hacked site "fixed" may not be successful. Webhosts are not responsible for websites which got hacked. It really is your responsibility to generate regular backups, to keep your login details safe and to not install components from the Internet from sites which you do not know.