My website got hacked, hijacked or held for ransom - how...why?

Software vulnerabilities. Hackers. Ransomware. Labels that people whisper about create an online battleground that we must deal with. So let’s talk about them openly and loudly.

If you have ever been the victim, whether it’s of an online hacker or an identity thief, you are likely left feeling vulnerable and violated. I know that’s how I felt and I’ve been the recipient (or target) of both. And I thought I had taken the precautions necessary to protect myself so I was also angry.

So how does it happen if you have all of the protections in place?

Well, the simplest answer is that software is fallible. There are mistakes and errors in software code that allow the application function, and yet be compromised. I get that brilliant minds with pedigreed educations and tremendous experience are creating the code and yet, they are human and as we know, humans make mistakes. Because humans are fallible, the software code they create is likewise fallible.

In today’s web-based world, there are a lot of software applications that are released to the world as “open source”. If you’re not familiar with that term, allow me to explain. A developer creates a software application by writing software code. It’s like writing a book but instead of being written in your native language, it’s written in a programming language. That code (known as the ‘source’ code) tells the computer what to do and how to do it. You’re probably familiar with the Microsoft suite of software applications that each perform a specific set of functions. In the case of Microsoft applications, you must purchase a license that allows you to use the application. You cannot change the application and must use it in its native form. Some people (and companies) create software applications that instead of selling them (like Microsoft), publish the application – and its code – to the world for free. That application becomes known as an “open source” application because 1) it’s free and 2) everyone has equal access to the ‘source code”. And by everyone, I mean the good guys and the bad guys.

Being open source and available to everyone, the good guys use the application for, well, good things. Content Management Systems (CMS) applications, for example, are an open source application that is commonly used for good. The popular CMS apps are DNN (DotNetNuke), WordPress, Drupal, and Joomla - and there are many others. These apps share a lot of similarities that extend beyond them just being open source. In fact, they are the backbone of the majority of websites today.

In fact, it so common, that companies like equaTEK build an entire business segment utilizing one of the popular CMS applications (DNN) as its foundation.

Just as we have access to the open source code, as mentioned, so do the bad guys. We use that access to augment the code to provide the functionality that a client desires in their website. The bad guys though want to discover vulnerabilities that is in the code and then exploit them for their personal gain. The havoc they reign through their illegal actions is immeasurable.

So how do you combat this? You put as many security barriers in place that is reasonable and then you watch and monitor. The alternative is expensive and requires using applications that are not open source. This prevents someone that does not have access to the source code (the bad guys) from exploiting its vulnerabilities. Just as we do not live in a perfect world, there is not a perfect solution.

If you'd like to discuss this article in greater detail, feel free to contact us. We welcome the opportunity to discover the right solution for you!

Print

14561

Tags: dnn DotNetNuke CMS

Search

Too Much To Do - try using a Smart Calendar!

14Apr2020

Have you ever seen the person that no matter what, always seems on top of things, on schedule and never flustered? While you might want to hurt them, the fact is you’re jealous! Our Tip this week will help you regain some control and get more organized.

Digital Marketing - yes, it's MANDATORY

14Apr2020

Everybody throws around buzz words and says we need to be doing ‘SEO” or on Social Media. Just because everybody else is doing it, why do I need to? My mother always asked me “if they jumped off a bridge, would you?” In this case, the answer is YES!

Tips for your business: Goal Setting

14Apr2020

Lately, I find myself thinking about goals a lot. Maybe it’s because I manage a lot of tasks and some days, though I’ve been busy all day, I’m not sure what I have accomplished. Perhaps it is because I’ve never been good at putting substance around my goals.

Tip for your business: Understanding your WHY

14Apr2020

If you have spent much time with a toddler, you know the word why can take on annoying attributes beyond comprehension. Yet if you are in business, being able to answer the one-word question why takes on incredible importance.

Has Google forgotten you exist? Whose responsibility is that?

14Apr2020

Getting your website included in organic search results requires focus and intent…it doesn’t just happen. While there are a lot of factors outside of your control, the foundational factors are right at your fingertips. You need to create quality content and you need to expand the content on your website so that Google sees you are investing in your website! In addition, if your website is not responsive, you are your own worst enemy!

You have the option to change this by making your website a priority. It doesn’t have to cost a fortune or demand every waking moment – but it does require your attention.

We’ve shared some aspects of Google and options that can help you impact your web presence in the complete article which can be accessed here.

RSS

First Previous 2 3 4 5 6 7 8 9 10 11 Next