Details
- Vector type:
- Intrusion Attack
- Risk level:
- Tiny to Low
- Impact level:
- Moderate to High
A Hack Attack is essentially any malicious action that results in the attacker having access to and control over a target’s website or web server, at the admin, database, or content level. Once this access has been gained, the website can be put to a multitude of underhanded uses, ranging from deploying simple content modification and Google Webmaster Guideline infractions, to pushing malware, stealing user information, and even cyber-fraud.
Although not unheard of, Hack Attacks for NSEO purposes are relatively uncommon. Your site is much more likely to fall victim to a bad actor for separate, cyber-crime related purposes.
Defense
The first step is to harden your server and CMS (Content Management System) against intrusion and implementing a long-term (4 to 6 weeks) rolling backup regime which allows you to restore a clean copy of your website in case of intrusions.
It’s also advisable to monitor your system and track file requests for vulnerable components. Lastly, and most often overlooked, you need to provide at least some rudimentary cyber security awareness training for your staff, to prevent them falling for common social engineering and phishing attacks.