Security experts at Lean Security categorize companies in Australia into two types: those that have been hacked and know about it and those who’ve been hacked but don’t know about it. So, how will you know if your company’s website has been hacked?
Following are the ways Lean Security, the number one WAF managed service shares;
Ø Your website gets defaced
Ø The website redirects to a site that’s ‘unsavoury’ such as a porn site
Ø You get a notification that the site is compromised from either Bing or Google
Ø Your web browser (Firefox or Chrome) will indicate the compromised state of your site
Ø You notice unexplained big spikes in traffic (from other countries) and other signs of strange traffic in the web logs of your site
What Do You Do?
The first thing to do after finding out that your company’s website has been hacked is to remain calm. You won’t be able to do damage control in a frazzled and worried state. The next thing to do is:
Call In Your Support Team
If you’re a small business, chances are that you won’t have the right technical expertise on board. The best option in this case is to hire the expertise of a support team, one that’s ideally an expert in the technical aspects of internet security, as well as familiar with the configuration of your site such as your managed security service provider.
Pull Together Important Information
You’ll have to gather the information that’s helpful to support team, so be prepared to provide the following:
Ø Hosting Login Information
Ø CMS Login Information
Ø Your Site’s Web Logs
Ø FTP/ SFTP Access Credentials
Ø Backups
Take Your Website Offline
The site will have to be temporarily shut down while the support team is running a web application testing and assessment. This is normally done through the hosting control panel. You can also protect the main directory (where the website resides) with a password in order to block users from having access to the site while it’s being fixed.
Scan Local Computers for Viruses and Malware
This is a very important step which can also be carried out by your managed hosting provider. Have the support team scan all your local computers with the help of anti-virus software to make sure there isn’t any malware, spyware, or Trojans in the network. Also make sure the anti-virus software that you use is up to date before scanning the computers.
Just because there’re million others to prey on, doesn’t make your business website secure. It’s always a good idea to be prepared for the possibility of such an event.. After all, it’s better to be safe than sorry. Conduct a free assessment of your website’s security by Lean Security today.