If you’re running a small business it’s easy to imagine that no one would be interested in hacking your site. After all, there are much bigger companies out there and compared to you they’ll have more information to take, more money to steal and the hackers will probably even make the news if they hit a big enough target.
But it is this kind of thinking that could lead you to letting your guard down, and you could be in for a nasty surprise. Hackers target websites of all kinds and sizes. The government’s Cyber Security Breaches Survey 2016 shows that 24% of all businesses detected a security breach in the last year. It also showed that the median cost of a security breach for micro and small businesses was Â£3,100.
Here are five reasons why someone would want to hack your small business website.
Because they can
Lots of hackers look for easy targets. Sometimes this is because they’re inexperienced and are just looking for a soft target on which to practice their skills.
Hackers also use bots to crawl websites, and look for websites with known security vulnerabilities which could be more easily exploited. So a hacker doesn’t even need to have heard of your business in order to wreak havoc. If your website has a vulnerability, then the chances are you’ll be hit be an automated attack sooner or later. (We’ll explain how to detect vulnerabilities later in this article.)
To give you an idea of how widespread this problem is, research by Imperva Incapsula shows that bad bots – that is bots that hack sites, or behave in other unwanted ways – accounted for 29% of all online traffic in 2015.
Because you have valuable information
If you’re running a small business, you can build up a significant collection of information that could be of interest to online criminals.
Things like bank details, passwords and even names and addresses can be used to commit identity fraud and gain access to online accounts.
If you’re collecting any kind of private data, you need to ensure that it is stored securely. Not only will a data breach damage your reputation, you could also face action from the Information Commissionerâ€™s Office.
Because it lets them hack other people
While some hackers will want to directly target your business, others will be more interested in targeting your website visitors.
By exploiting security flaws in your site, a hacker can insert malicious code which will run whenever a visitor lands on your site. This code can then install malicious software on that individualâ€™s computer.
Not only can this damage your reputation in the eyes of existing and potential customers, but it can also lead to Google blacklisting your site. That will lead to a drop in search engine traffic which will last until you’ve managed to secure your site.
To spam search engines
Links are vital to good search engine results. Good links from good sites leads to higher search engine rankings, more traffic and potentially more sales. If a hacker can get access to your site then they’ll be able to add links to their sites in an attempt to improve their rankings.
This means that visitors to your site may be confronted with some very questionable links, leading them to view your site as untrustworthy.
Google is also likely to penalise your website, and display a message warning that your site may have been hacked in its search results.
Sadly, many hackers don’t have an ultimate purpose in mind and their main motivation is enjoyment. Of course, it’s not much fun for anyone who has their site hacked by this kind of fun-seeker, and often the effects are just as damaging as those caused by someone with outright malicious intent.
Protecting your site
You need to do everything you can to protect your site from hackers. At the most basic level, this means creating strong passwords and not sharing them with people who don’t need them.
But if you want to get more advanced, you can use SiteLock from 123 Reg. SiteLock can detect the kind of vulnerabilities hackers exploit, giving you the information you need to make your site even more secure. You can even use it to scan your website to detect and remove malware, so if you’ve already been hacked, you can use SiteLock to clean things up. Think of it as like an anti-virus programme for your website. SiteLock really is that crucial to your business’s cyber security.