There are most likely only two reasons why you are on this website. The first is that your website has been hacked and are now looking for help to get the site back to how it usually is. The second is a more proactive approach which is after having had your or your clients websites hacked several times you are now wiser and figure it is better to secure and keep secure the site before the next hack comes. As Erasmus said “Prevention is better than the cure”.
If you know about any sort of law enforcement you will know that the creativity of criminals to think they can outsmart the law is second to none. When someone hacks your site thats like a burglar stealing stuff from your home – it isn’t nice and worse they create a loss for you which they will try and profit form. We can’t really dictate what makes a criminal do what they do. What we can do though is ensure our home and websites are secure.
Imagine if you will a castle. The first thing you would want to know is when attackers are in the vicinity, perhaps waiting till dawn to attack. So what would the castle owner do – they build those lookout turrets at each side of the castle with someone perched there able to see long into the distance for any movement. This is akin to have your website scanned, a scanner would be looking at your website and looking for any known threats and areas of suspicious activity. If the lookout person and the scanner detect anything they raise the alarm, either by bugle, ringing a bell or a notification of some sort.
Next, if the attacker tries to get near there might well be a moat or the castle is built on higher ground. We could relate this in the digital world with having secure SSL certificates to ensure that anything coming in and going out is secure, in this case by encryption.
Still curious they might start throwing a few arrows over the wall to check for reaction. In the latter day this might be phishing where the attacker is trying to inject malware into the websites hosting area.
Now, lets say the criminal drools with taking your treasures and tries to get in. Maybe they will use a trojan horse – the original stealth tactic of any scrupulous attacker. They interact with you all friendly and may give you a gift. You may lower the bridge, open the door because you see smiles and friendliness. In the digital world you will have a firewall. Each time the attacker is thinking of how they can leave their secret bomb on the inside.
Now this “gift” is inside the castle or website is where the danger happens. Unbeknownst to the victim the gift contains something dangerous. Either a team of attackers come out of the horse and start burning and killing or code is released that takes down security causing damage to your data.
So then what, where at a pretty devastating stage right now. The castle and website is looking like it could literally go down in flames. Don’t forget though, we have basic security in place with the scanners looking out. Provided they keep doing their job we will know exactly where the attack is currently happening and what damage has already been sustained. This is important because we can then go directly to where the attack is happening, or SQL code is being injected and remove it.
Next with your castle and website under attack you then call out your top skilled guards to detain and remove the threat in such a way that it doesn’t destroy any more of your asset.
Unless you have all these things in place the constant scanning, the ability to correctly detect threats and vulnerabilities, firewall, fast reporting and tools to get straight to the heart of the threat and take it down then you are fighting a losing battle.
Be proactive and sign up for the very minimum the scanning service. Sleep well at night.