Disclaimer: Any products/services mentioned or recommended below are suggestions based on our own experiences. We have no affiliation with any of the products or services mentioned and you should always thoroughly and independently research your options to decide what is best for you.
It may seem like a simple question; why do websites get hacked? Yet, many people find themselves unsure of what the real answer is anymore, as it has indeed changed over the years. The reason behind your website being the target of a hacker in 2019 is very different to what the reason might have been back in 2009.
Reason #1: SEO
There are 2 sub-categories of how SEO is the reason behind a website being hacked:
A hacker may wish to use your website’s good ranking in Google’s eyes to promote another website of their own. By hacking your website, they are able to insert links to their own site throughout your content, making it look like your reputable, well-regarded website is recommending theirs. This will give their website a boost in its own Google rank the next time Google crawls your website and indexes your content.
A hacker may wish to hack a website to cause it to lose Google rank, which can indirectly benefit a competitor of that business. Should a hacker gain access to your website, they may initiate a range of frowned-upon actions that will cause Google to penalise your website’s rank, such as sending spam or inserting links to dangerous, infected or illegal websites.
Reason #2: Holding Data Ransom
Another ever-increasing motivation behind website hacking is quite a simple one – to hold it ransom. A hacker may find a way to take over a website and either lock it down or remove it. They will then notify the website owner and ask for a ransom be paid before they restore the website and data. This is one of the reasons why it is so important to ensure you backup your website to a remote backup service, and not just on your own hosting server. Check out our blog, 5 Tips To Protect Your WordPress Website (especially tip #1), to learn more about our remote backup plugin recommendations.
Reason #3: Stealing Customer Data
Another motivating factor of website hacking is to scrape your website’s customer data. There could be a number of reasons for a hacker to want to do this, from collecting live email addresses which can then be used to send spam or scams to, or to sell the details of your customers to your competitors.
Having an SSL certificate installed is an important step to ensuring the data that is transmitted between your customers and your website is encrypted and secure. Without an SSL certificate, a hacker may be able to “sniff” the data packets running back and forth to your website, and extract sensitive data from them. Check out our blog, Googles Next Move Against Non SSL Websites, which contains a handy guide on how to check if your website is already protected by an SSL certificate, and if not, how to get one installed quickly and easily.
Reason #4: Spam
One of the most common activities of a hacker is to use a hacked website or hosting account to send as much bulk spam as possible before either the website’s owner notices, or the website’s server gets thoroughly blacklisted and is unable to send emails anymore at all. This can be severely disrupting to businesses that use email on a daily basis.
Hackers have a financial incentive to send bulk spam this way as they are essentially hijacking your resources to do so, thereby minimising their own costs. And of course, the more spam they send, the bigger the number of potential victims will be.
If sending email is important to your business, you may wish to consider dedicated email hosting such as G Suite, which can greatly protect you from falling victim to blacklisting by spam.
With all of these attack methods and motivations in mind, this may be a timely reminder to run through a quick security check on your website. Is everything as secure as it could be? Check out our blog, 5 Tips To Protect Your WordPress Website, to learn more about how you can quickly and easily secure your website against hackers, bots and anything else that may be lurking out there in the digital darkness
That’s it from us! As always, if you have any questions about this post or our shared hosting, VPS, reseller or dedicated server plans, simply call us on 1300 MY HOST (694 678) during business hours, or submit a ticket through our Support Portal and one of the crew will be in touch!