43% of small biz owners have no cybersecurity plan in place.BullGuard Study, 2020
With lower barriers to entry, more and more small businesses launch online every day. Unfortunately, most of those new business owners never think about protection for their own or their customers’ data. With no plan, a cyberattack is just a matter of time. So what do you do if your website was hacked?
When your site goes down – or when you find porn links plastered across your home page, as one of our nonprofit clients did – you feel frustrated, angry, and violated. After all, someone has infiltrated your digital real estate, and that’s the same as kicking in the front door of your home or physical business location.
47% of small businesses have no idea how to protect themselves against cyber attacks.Keeper Security, 2018
The first thing to understand is that in almost all cases, it’s not personal. It’s a crime of opportunity. Think of a group of teens roaming through a parking lot at the mall, checking car doors to see which one is open. It’s certainly malicious activity, but generally not motivated by anything more than greed or boredom.
On your website, this usually takes the form of a brute force attack – banging at your front door with alternating passwords until they find a way in. Hackers run programs that sniff out outdated software and weak passwords on website admin pages. Like most business leaders, you’re working hard to serve customers, manage their teams, and grow your sales. That also means you’ll likely ignore website maintenance and security until it’s too late. Once your website is hacked, it’s a race against time to resume normal operations and remedy revenue losses.
What to Do When Your Website is Hacked
Step 1: Get help!
As soon as you notice that something isn’t right, or your site isn’t available, reach out to a qualified professional to assist with protecting your digital assets from the attack and hardening your security. Companies like Sucuri and MalCare are great at sniffing out and resolving active attacks. Sucuri offers plans to actively monitor your site security, and MalCare offers plans with a WordPress plugin that will leave more control in your hands.
Step 2: Stay Protected
First, change your website and email passwords to something strong and easy to remember. We recommend a sentence or phrase 3-5 words long, no spaces, using special characters for some letters. Then, make sure you get ongoing protection. A Website Care Plan ensures that your website is monitored and protected around the clock, and that essential software updates and backups are taken care of promptly.
Beware of Emails, Too
More than 30% of small businesses fall for phishing traps.Verizon Data Breach Investigations Report
An even bigger problem than brute force attacks is phishing. In fact, the most popular security traps for small business owners are email and social phishing scams. Be vigilant, and be skeptical of quizzes and “special offers.”
Don’t let negligence or anxiety about your tech skillset keep you from protecting yourself – and your clients – from data attacks and loss.