It was late June of this year when I awoke to discover I’d been hacked.
A black screen with menacing red writing flashed at me upon arriving on my website.
As the letters scrolled across the screen, the message taunted: “You’ve been hacked! You’ve been hacked! You’ve been hacked!” in a sickening, sing-songy way.
For the next six days I did nothing but work on rescuing my site from the eastern European cyber criminals whose trawling software had found a hole in an outdated plugin and, in a manner of seconds, held five years of my hard work ransom.
They’d given me an out. At the very bottom of the contaminated window was another message, longer and with a hyperlink:
“To avoid any future disruption to your site, we offer security services at reasonable rates that will protect you in the future from people like us.”
I have to hand it to them. Their ploy to gain new business for their security services through hacking sites like mine probably brought them customers despite the absurdity of not only paying your kidnappers to get your site restored, but then to continue paying them a monthly retainer in order to keep them from kidnapping you again!
Thankfully I knew enough to steer clear of this trap. Through many phone hours of tech support with my amazing hosting company, I was able to restore my site close to where it had been before it was hacked. The attack cost me, though. Along with the many hours spent with tech support, I also lost close to ten hours of revision work I had made to my site the weekend prior to getting hacked.
As a result of this experience, I tripled my security and stripped down my site to the barest minimum for it to function as I wanted.
In our data-driven world, what happened to me is par for the course.
No matter how large or small your database may be, getting hacked is akin to coming home from vacation to discover your home has been robbed.
You suddenly feel more vulnerable and paranoid. Questions abound. Who could do this? What were they looking for? Why me? Why now?
Which is why my heart goes out to Sony Pictures, who is still knee deep in trying to recover from a nefarious hack two weeks ago of their enormous database. Motive for the Sony hack is still not confirmed as of the writing of this post, but many suspect it is the work of North Korean cyber criminals who were commissioned to breach Sony Pictures’s database in retaliation for a soon-to-be-released film that features a plotline about assassinating the North Korean dictator Kim Jon-un.
Given Kim Jon-un’s personality and family history, perhaps the folks behind this picture should have thought through things a bit more before agreeing to make the film. I’m a proponent of free speech like the rest of Americans, but in a global economy, the rules at home don’t always apply.
Recent statistics (July 2013) from Sophos suggests that 30,000 websites are hacked every day. According to the website Hackmageddon, the leading reason cyber criminals hack is to get access to credit card and other monetary data. Home Depot recently had its database breached, resulting in Barclay Bank initiating a mass reissue of credit cards to consumers who had shopped with their cards at the home improvement giant.
Risk is a given online. There is no such thing as a hack-proof site. With the proper precautions and education, however, the odds of an attack diminish significantly.
As does choosing what content to publish.
