Has Your Website Been Hacked?

Mine has.  Some of my readers may have noticed that I have not posed anything for the past couple of weeks.  That is because I discovered about 10 days ago that this website had been hacked.  Anyone who clicked on a search result for it was being redirected to an online gambling website.  It is somewhat ironic that my last post before this discovery was about cyber security and the important role an agency’s employees play in protecting it from a data breach.

Unfortunately, I have no one to blame but myself for what happened to this website, but fortunately, there was no data breach as a result, just some embarrassment.  My mistakes were those of the kind I have been warning about in my cyber security posts.  I did not keep the software running my website, WordPress, or its plug-ins up to date and I did not monitor it for possible problems, by occasionally checking to make sure it could be found correctly using the various web search engines.

I also did not know that there is another way to access my website besides the way I do when I want to make a post or change something on it.  It is something called FTP access, which is what is used by programmers to change the code that runs the website.  I thought I was doing great by having a difficult to crack password (letters, numbers, & special characters) for my entry to the website, but failed to realize there was another way to access it.  That access point is apparently the way someone found to add code to my website that would result in people looking for it using search engines to end up at an online gambling website instead.

Please don’t get lazy like I did.  The consequences of doing so could be far greater than they were for me.  Keep the software running your agency’s website, as well as any of its special functions, up to date, and regularly check whether it can be found using the various web search engines.  Also, find out who has FTP access to your website and limit it to just one account for the people who are responsible for maintaining it.  Doing so will avoid some embarrassment, and potentially much more severe consequences.

 

Digiprove sealCopyright secured by Digiprove © 2017 Mark Burnette