Hacking: It Really Can Happen to Anyone

Think only the unwary get hacked? Think again! In 2021, Acer, AXA, Microsoft Exchange, Twitch and the NBA were just a few major organisations to suffer cyberattacks. Smaller businesses often think they’re safe from hackers – that they’re somehow ‘under the radar’. But hackers don’t discriminate. A short while ago, Soto (briefly) joined the ranks of businesses big and small that have been targeted by hackers.

So what happened?

As web developers, we use WordPress all the time. It’s widely acknowledged as one of the best content management systems out there – in fact, we think it’s the best. However, like any software, WordPress isn’t completely impervious. Despite our vigilance, hackers were able to get into the WordPress backend and load phishing pages onto one of our client websites. These are fake web pages designed to lure visitors into giving up sensitive data, and they’re one of the most popular – and effective – tools for cybercriminals.

Fortunately, our server’s built-in security system has a failsafe against this type of attack. It automatically detected the phishing pages and immediately shut down the IP address associated with that particular website. That IP address was shared between a number of websites, so they were all down for a couple of hours until we were able to remedy the problem. Disaster averted!

The most important thing we learned from our brush with the hackers was that our server’s security really does work. However, we also learned a way to minimise downtime if a similar attack happens in future. From now on, we’re allocating each website its own IP address, to avoid unnecessary outages. This service has been implemented automatically for all clients on our Pro Hosting package.

Prevention, prevention, prevention

The COVID-19 pandemic brought a massive increase in cyberattacks. Not only are criminals targeting more people, but they’re also constantly changing and refining their tactics. This means that it really is hard to stay ahead of them 100% of the time.

However, there are some basic practices that will help protect you against potential attacks. If you’re going to be accessing the backend of your own WordPress site, it’s important to make sure that you have a strong password. While significant dates and personal information are easy for you to remember, they are also easy for hackers to decode. So consider using a password manager, such as Dashlane, that will generate and save a unique password for every site you use.

It’s also crucial to make sure your internet connection is secure. If you’re connecting to public WiFi, a VPN will encrypt your connection and fend off man-in-the-middle attacks. And it goes without saying that you shouldn’t leave your computer or mobile device unattended.

Thankfully, all our managed WordPress hosting clients were protected from this attack. Not only does our server security block 99.9% of attacks but our clients’ sites are backed up daily or, in some cases, hourly, so that if they are subject to an attack, we can reinstate their site as quickly as possible.

At Soto, we’ve helped over 200 clients create the WordPress website of their dreams. From web development to managed hosting, to cutting-edge training and support, we offer a bespoke service to fit your business and your budget. And we’re always updating our approach to keep your site safe and functioning, even when the criminals have other ideas. If you have a vision for your company’s online presence, just get in touch – and let us make it real.