You have a WordPress site, are you at risk?
Most people think the goal of hacking is to capture customer financial data. And while that is something that hackers attempt to steal, they are also after non-financial data and control over the web site or server. So most of the people we speak with think they are not a target for hacking when actually they are, even though they don’t sell anything online or their site doesn’t collect credit card numbers. The hackers are looking for soft targets to collect non-financial data so that they can try to collect enough information to steal a person’s identity.
This has taken hacking to a new level since most web sites collect some customer data with a ‘contact us’ form or a ‘sign up for our newsletter’ form. All that form data is stored in the same database that holds your WordPress pages and posts. Although not as good as financial data it’s still worth a lot to hackers, especially ones that can cross reference the data with other breached information.
If a web site intrusion occurs and customer data is stolen, it is the responsibility of the web site owner to report it to the state of Pennsylvania. In addition the owner might be liable for up to $200 per customer to provide identity protection. So the form on the web site that has collected 400 email addresses for your newsletter might cost $80,000 in identity protection costs if stolen. Most companies carry around $5,000 in a cyber clause in their business insurance, which leaves a $75,000 liability for the web site owner. Ouch. And that doesn’t include the cost of tracking down and informing the customers, fixing the web site and paying to train the staff on how to handle this problem if it happens again. A typical web site hack might cost a company upwards of $200,000.
How can we help you avoid an attack?
Here are some services we provide that will help you secure your site and avoid an intrusion.
Site Evaluation and Security Hardening
Test your web site and provide a report of it’s vulnerability and security profile. Secure any vulnerabilities you have with your host, server or web site code.
Provide24/7/365 monitoring of attacks and hacking attempts. The software logs all attempts and alerts site owners and us of suspicious activity.
Regular Security Audits
Give our team access on a regular basis to check for vulnerabilities and to make sure software is up to date. Train your web programmers how to look for and deal with penetration attempts.
How we help if you’ve been hacked?
If you believe your site has been hacked call us and we can help. In most cases we can examine the site, download and preserve the hacked code, attempt to find out as much information as possible about the intruder, help to get the site back up and running then secure the site from future hacking attempts.