“Why would anyone want to hack my site?” I have heard this exact phrase or a variation of it many times. Some of our smallest sites are the one's with the most hack attempts. I have seen some of these small sites get more than one thousand failed login attempts over the course of a week, and that might be a LIGHT week. Just because your site is small, or because your site isn’t selling anything, does NOT mean that hackers won’t care about your site.There are plenty of reasons they want in.
This is probably the most obvious one. Hackers want to break into your site to gain information. They aren't just looking for credit card information. Email addresses, usernames and passwords are valuable as well. They can be used to gain further access to your site, access to the server itself or even other accounts completely unrelated to your site.
Have you ever visited a site that has offered to install something on your computer for you. Maybe something that LOOKS like it is related to the content of the site but once you have installed it, it turns your computer into a mess? Drive-by-downloads are even worse!
"A program that is automatically installed in a computer by merely visiting a Web site without explicitly clicking on a link. Typically installing spyware that reports information back to the vendor, drive-by downloads are deployed by exploiting flaws in the browser and operating system code. The best deterrent is to routinely install security updates to the software in the device." - PC Magazine Encyclopedia
No one wants any of that junk on their computer, especially if it is going to be used to help a hacker get information from you or use your computer to do malicious things. It is, however a great way for hackers to get what they want, like money.
Hackers need resources to spread whatever they are trying to spread (spam, malware, etc.). They also need ways to disguise who is doing the nefarious deeds. Botnets (short for robot and network), provide hackers with access to infected computers which they use to do their dirty work.
"a botnet is a large number of compromised computers that are used to generate spam, relay viruses or flood a network or Web server with excessive requests to cause it to fail (see denial of service attack). The computer is compromised via a Trojan that often works by opening an Internet Relay Chat (IRC) channel that waits for commands from the person in control of the botnet." - PC Magazine Encyclopedia
Basically someone gains access to your computer or your web site server and uses it to do their malicious bidding! This malicious activity can range from monitoring your keystrokes to collect usernames and passwords to using the resources of your computer or the site server to try and gain access to more valuable networks where they can collect more information about more people.
SEO Spam Campaigns
Hackers often start out their journey from a young age, like 5! Most hackers start slightly older, between 12 and 18 though. Kids get bored in general and computers and other technologies are so accessible now that it is no wonder that some of those kids turn their boredom to hacking. Little Jimmy thinks it would be funny to take his school’s website down or gain access to one of his teachers email accounts so as to send out prank emails. This may not sound all that bad, but if they have the knowledge to do these sorts of things, they are more than capable of doing more harm on a larger scale.
Author's note: Adults get bored too, but generally speaking when boredom is the reason for hacking it is coming from a kid.
We all have an idea of what activism is. Hacktivism is a cyber version of the same concept.
Hacktivist - "A person who demonstrates against a company or government agency by malicious technological means. Examples are causing a Web site to fail or slow down, or breaking into a computer system to obtain unauthorized information. In 2011, after MasterCard, Visa and PayPal cut off service to Wikileaks, hacktivists set up denial of service attacks against their Web sites. Hacktivists promote free availability of information on the Internet and may protest when actions inhibit this freedom." - PC Magazine Encyclopedia
Politics, worldviews, thoughts on business practices etc. are a driving force for anyone to protest something. Lots of people do it by not buying a product or joining other people in a rally or protest at a physical location. Hackers have their own views on these things as well, but instead of meeting up with other like-minded people to stand outside a building with signs, they take to the internet and target websites. A perfect example of this in recent history is the Ashly Madison data breach. Ashly Madison is a commercial website that helps enable extramarital affairs. A group of hacktivists broke into the site and stole all of the user data and threatened to release it if the site was not shut down.
There you have it. A whole list of reasons why a hacker could want to break into your site, and most of them directly involve wanting anyone’s credit card information.
Keeping your site up to date and patched can take you a long way in preventing hacking on your site and we would love to help you get your site up to snuff!