Start a project

Blog

My site has been hacked. What now?

We all know it happens, but why? and by whom? And what should you do if it happens to you? We explain everything step by step...

< View all blogs

Hackers have been around as long as the word “digital” has existed and over the years they have also become increasingly brazen. Therefore, what happens regularly these days is that phones, computers, websites, etc are hacked, but why you of all people? In this blog, let’s take the website as an example.

 

What does a hacker want with my site?

Hackers are constantly looking for valuable information. By hacking your website, for example, they hope to find something like your payment details, data they can resell or other useful data. Another reason why websites (and especially small websites) get hacked is simply practice. Many hackers do not immediately start on a big bank, but start with the small stuff first. That way, they learn how certain technology works and how to bypass it. Op die manier proberen ze steeds een niveau hoger. At such times, you then see these news items come up:

source: nu.nl & rtlnieuws.nl

Link to nu.nl article Link to rtlnews

How do I know if I have been hacked?

This is where it usually goes wrong. The moment you can tell that your Web site has been hacked, you are usually already too late. Hackers are some of the most patient people on the planet.

If you can see that your website has been hacked, chances are very high that it is due to a break-in from a few months ago. Hackers often proceed as follows:

  • Searching for a target
  • Break in via poor security
  • Plant their malware, viruses or take your data
  • Only weeks/months later do they put their hack live

Why are they waiting so long to do that?

Quite simply, that way the backups from past weeks/months are also useless and there is nothing you can do to get your website back. Sometimes you even see them ask for money to restore your website; never pay that. The moment you pay we see an opening with you to transfer money to them and with that you are actually indicating that this is just the beginning, the site you often don’t get back….
So is it convenient to manually download a backup once in a while and store it locally? Maybe so.

 

What should I do to stop hackers?

With my experience, I have frequently seen a website that has been hacked. People then often come to me asking, “My website has been hacked, can you take a look at it?” And what it really always comes down to is that the security has never really been good, so that includes website maintenance.
With just proper maintenance of your website, you can prevent a lot.

It’s just not that nothing can happen to you if your plugins and your WordPress are always nicely up-to-date. If hackers want to, have enough knowledge and enough time, they can get into almost anything. Then I’m not talking about the home garden & kitchen hacker, but the seasoned hackers. The point I am trying to make is that it is never 100% sure that nothing can happen to you. What I always say is that it is important to do enough maintenance on your website and keep everything neat and tidy. This way you reduce the chance of being hacked. Because not everyone feels like it, we can take this off your hands by means of a “support contract“.

With a support contract we do a complete check round through your website 4 times a year. Here we do the following:

  • Checking plugins (safety check)
  • Checking WordPress/Plugin updates
  • File check, to make sure there are no strange codes etc in your site
  • Cleaning up your website where possible
  • And a few more steps…

Rather be sure everything is tracked? Let us know.

 

Roadmap to restore your site

If you get it bad Google marks your website as unsafe. At that point, it is important that you make your site secure as soon as possible before it affects your Google position. You can check here to see if your site has been marked as unsafe by Google. If your site is marked as unsafe by Google, you need to take the following steps.

1. Make sure the malware/hacked files are cleaned up

In a hack, a lot of files are broken or attached to cause phishing. The most important thing is to get that off as quickly as possible. Because hackers don’t tell you exactly where the files are, the fastest/best option is usually to delete everything and set up a temporary site so your visitors still get info. Because the faulty files have probably been in your site for months, you can’t clean it up properly and the chance of a 2nd attack is also a lot higher. After all, there was a leak in your website that hackers don’t forget.

2. Request a new check from Google

As long as you do nothing, Google does nothing. So it is important that you let Google do another check only after you have done step 1. You can do this check at “Google Search Console” (Not familiar? Ask your marketing party to help you with this).

When you log in to Google Search Console, the dashboard will immediately show a message that problems have been found and that you can run a new check.