HACKED: The Year of Insecure Internet Things

A recent onslaught of clever Internet villains have certainly got my attention. I have heard of and seen websites hacked in a number of painful ways including the addition of blatant ads for body-part-enhancing drugs, the transformation of all text into Chinese, and the not-so-subtle placement of flashing pictures of naked women on the (aka my) blog page.

No matter your industry, it is unsettling to see your website hijacked by Internet hoodlums. In fact, the publication Wired dubs 2015 the “year of insecure internet things.” So, if you have been hacked, you are not alone.

With the prevalence of Internet threats, the old days of slapping together a basic site using a haphazard hosting service — mainly so you and your business will be found on the Internet — are gone. In today’s world of Internet mischief, it is well worth the dollars to host a professional website with a trusted vendor. Disruption comes in many forms but, given my experience of late, it certainly targets all industries, … even where there is no immediate hope of financial gain, identity theft or other profit-making information.

My friends at Brave River Solutions reinforce that we should not underestimate the significance of where our websites are hosted. Jim McAssey of Brave River Solutions advises that business-class web hosting should include anti-virus/malware tools, sophisticated fire walls, regular backups, intrusion-detection systems, and, of course, a responsive support team when the hackers still find their way in.

Among the greatest advantages to a contemporary website — along with mobile functionality — is the ability to edit your website yourself with a Content Management System (CMS). Jim McAssey shares that the CMS is a frequent entryway for hackers. Yikes. Be sure your web developer or hosting provider is monitoring for (and addressing) known vulnerabilities before you become the victim of a hacker.

Similarly, for LinkedIn users, there seems to be a rash of event bandits who sneak into your LinkedIn account and invite some or all of your contacts to a special “event” via a link. When the connection clicks on the link, it goes nowhere but, rather, captures the contact info of your connections. On LinkedIn, it’s a good idea to leverage the dual-verification system or, at minimum, be sure your password is more than an easy guess.

Like everything in technology, best practices are continuously evolving so we must evolve, too.