After the Hack: Getting back to business as usual

Hacking was the hot topic again this weekend when several websites reported having political messages posted on their home pages. Our good friends at Third Street Brewhouse had their site affected and they are working with their web hosting company to get their site back up and running as quickly as possible.

At Gaslight Creative, we are a full-service marketing agency specializing in websites, programming and digital services. We have a variety of clients who choose to host their own sites, or have established web hosting. We work with many web hosting companies when updating an existing website design or creating a new site.

Last year, we started offering our own hosting services, but we are not hosting any of the affected sites from the weekend attack.

As a digital services company, we take web security very seriously. We constantly run security checks and monitor our servers. We investigate even the slightest anomalies. If we receive any spam complaints or detect a hacked website, we disable public access to the website in order to prevent further abuse. We also back-up our hosted websites daily, so if anything ever did happen we could switch out your site with the most recent back-up.

It’s a hacker thing
Hackers gonna hack. Why? Lots of reasons, but mainly for fun and to impress other hackers. Hot political topics and inappropriate images are all part of the game.

Like any other business problem you need to know whom you should call and what you should do if your site is ever hacked. Here are a few things you should keep in mind.

Call your web host provider
Take an aspirin. Then call the company you’re paying to host your website and tell them your site has been hacked. Aaaaand you’re done. Your web host will take it from here. Continue to monitor your site and stay in contact with your web host to ensure timely and accurate recovery of your website.

Your web host will take down your site for repairs and determine how your site was compromised. This could take as little as five minutes or several hours depending on how your site was affected and whether or not the attack is ongoing. Your web host will find and fix any vulnerabilities on your server site and restore your website with a recent backup.

If the vulnerability was not server related and the attack was a website security breach, your host will identify where and how the breach occurred and repair it. Your web host will also be able to tell you if there are other steps you will need to take to improve your site security. You may be asked to participate in a broader investigation if your site was part of a large-scale, coordinated attack affecting several businesses.

When to notify customers
You may want to notify your customers depending on how your website was affected. Consider sending out a message through social media if your website will be offline for an extended amount of time. If the attack only caused a minor disruption, then you may not need to make any official statement at all. You will want to put out an official statement as quickly as possible for a major disruption such as maleware.

Update your passwords
This may seem like a common sense suggestion, but it is worth repeating. Change your passwords every 3 to 6 months, and if your site is attacked be sure to change your passwords before putting your site back online. Generally speaking, the longer your password and the more numbers and special characters you use the more secure your site will be.

Unfortunately, cyber attacks are a daily occurrence on the web. So much so that the only time an event is even considered newsworthy is when there is a large-scale attack. The best way to protect your site is to work closely with your web host provider to keep your security up to date.