In the time it takes you to read this post, some anonymous group likely has tried to hack the Thinker Ventures website … several times.
One of our core competencies is managed information technology. Thinker helps develop websites and keep those secure. Each week we receive a report from Wordfence, which is what we use to monitor security for our hosted WordPress sites.
What they show is that the attacks to our websites are not coming from the countries you’d expect. Ever since the surprising presidential results in November, there has been daily debate over hacking. The outgoing Obama administration believes Russian hackers deliberately tried to influence the election. The incoming Trump administration says it isn’t convinced, wondering if perhaps the attacks came from the Chinese or “someone sitting on their bed that weighs 400 pounds.”
Wordfence itself weighed in saying the evidence released so far is inconclusive.
The weekly Wordfence reports list the top 10 countries in terms of IP addresses trying to hack each site. Just since Dec. 19, 1,324 IP addresses from the United States have tried to hack Thinker-hosted sites. France is next with attacks coming from 654 sites, Denmark is third with 626, Great Britain is next with 281 and then Italy with 217.
China had just 59 IP addresses launching attacks on our sites in the past two weeks and Russia only 37.
These numbers though really just tells you where computer servers are located. When a hack is successful, it could create a process in your server that a third party can then contact to launch a separate third-party attack on someone else. They are attempting to create a network of servers they can use to launch even larger attacks.
The fact that so many attacks are taking place doesn’t mean there’s an army of hackers each day devising ingenious ways to crack servers. It suggests that people who run websites are lazy. If Thinker Ventures site had been infiltrated and now attacks were being launched from our site we’d very quickly receive cease and desist emails … and we’d investigate and act upon it. The truth is the majority of people or companies who run websites do not. The attitude has become “hacking happens.”
While, in general, website owners have to get their acts together to battle hacking, there are some simple fixes you can make to secure your site.
1) Statistics show 8 percent of hacks happen because of poor usernames and passwords. A username of Admin and a password of Password is about as secure as an energy drink left on a table in a college library. This is default username and password for most commercial internet products – which are, themselves, mini webservers.
2) Choosing a reliable website host is critical. Using a free or $2 account isn’t going to cut it. You need a host that has the latest antivirus, webspace scanning systems and secure emails and very quick support response time in case of an incident.
3) Update your site frequently. More than 27 percent of all websites use WordPress. WordPress now has an auto update feature, but you shouldn’t rely on that alone. Thinker updates its sites multiple times daily. The same goes for plugins and themes. If you don’t update regularly they could stop working and lead to security issues.
4) Back up your website database regularly or you risk losing your whole website. It can be done manually or using a database backup plugin. Your host may do this for you manually.
5) If you are using WordPress, make sure to install a WP security plugin, like Wordfence, to better protect your website.
Alex Gary(https://www.facebook.com/AlexGaryCI/)