You’re not worried about hackers. Why would you be? Your small website doesn’t have anything worth stealing. No big funds. No sensitive information. Sadly, this couldn’t be farther from the truth. Every website is a potential target for hackers – even your small business’s site with a few photos and basic information.
Case in Point: The Hacking of The Upper Deschutes Watershed Council’s Site
Inconvenient is an understatement. The Upper Deschutes Watershed Council’s (UDWC) was in the midst of their year-end fundraising campaign and directing as much traffic as possible to their website. Unfortunately, when all those visitors clicked newsletter and social media links, or typed in the web address after talking with a staff member, they were unable to find the website. UDWC’s website had been hacked precisely when they needed it most!
In addition to mucking up UDWC’s critical fundraising efforts, the hack bungled the organization’s day-to-day work. Staff members post reports to their website, frequently referring grant monitors and key partners to these online resources. Again, important work was stymied by a website that wouldn’t appear.
The Hacking Mess
When UDWC’s staff first realized something was amiss, they hoped to handle it in-house. Kelly, the agency’s resident Web Administrator had been routinely adding pages and content, backing up the site, and initiating updates.
Kelly logged in to their WordPress Dashboard and found blank pages. Most of the content was just missing, but not all of it. She tried the few tricks she had up her sleeve, but soon realized she was in over her head.
Plus, this self-proclaimed non-techy web admin had other responsibilities. Her primary role is UDWC’s Field Instructor – teaching children about art and nature. This whole hacking problem was taking a lot of her time – time that couldn’t be billed to specific grants or funding sources. (Any non-profit or client-billing-based business can see the problem with that.) So, UDWC reached out to us for help.
Who? What? Why?
Looking behind the scenes, we realized that their website had been accessed from an IP address in Portland (Oregon). Someone was signing in as one of the staff members and altering or deleting content on the site. The hacker had been in the site several times, though we never determined what they were actually after.
The reality of hacking is that it is not always an attempt to steal data. In fact, websites are often compromised in an attempt to use a server as an email relay for spam, or to setup a temporary web server for illegal files.
Avoiding the Headaches
“We wished we had someone looking out for us, watching our site, and helping with more advanced tech support”
It’s a relief to know that Litehouse is on the ball. They are always so fast to respond.