
Hackers & Crackers – Protecting Our Servers

Written by - 28/04/2015

The term hacker hasn’t always been the negative title that it is today. A hacker originally described a person with a desire to learn and experiment with technology who was technically proficient with the systems they hacked.

There once was a time when being called a hacker was a sincere compliment of your technical abilities and problem solving skills. These days, largely due to the media, when people hear hacker they wrongly think criminal. The tech community now distinguishes between hackers, who identify security flaws in order to improve computer systems, and crackers, who attempt to exploit those flaws to their own advantage. I use the term cracker to refer to computer criminals or people unethically exploiting systems.

Hackers: The White Hats

White hat is a term often used to describe ethical hackers who stay entirely within the law. They may be security professionals hired by companies to audit network security or to test software. They never access a system or network illegally, and they work tirelessly to expose holes in systems with the ultimate goal of fixing flaws and improving security. They also notify the software vendor to give the company a chance to patch the flaw before the bug becomes public knowledge.

Knowing how a cracker operates enables a white hat to take steps to secure a network against likely avenues of attack.

Crackers: The Black Hats

Hackers refer to the computer world’s outlaws as black hats. The opposite of the white hat, a black hat (or cracker) breaks into systems illegally for personal gain, vandalism, or bragging rights. A cracker doesn’t need to be particularly knowledgeable or skillful; in fact, most of them aren’t. Few crackers are skilled enough to create their own software tools, so most rely on automated programs that they download from disreputable websites.

Because crackers know they are breaking the law, they do everything they can to cover their tracks. Fortunately, security professionals catch quite a few of them because the majority of crackers lack real skill. When the authorities do catch them, their skill with a computer is often greatly exaggerated to promote the agency making the arrest (and to sell newspapers and commercials).

Although the majority of crackers are relatively unskilled, not all are inept; some crackers have extensive training and advanced skills. Often these crackers work as programmers or IT consultants and learn the ins and outs of networks by administering them.


Procedures We Follow When A Website Gets Cracked

When a website on our server is cracked, the first thing we do is take the site down for security reasons. This prevents the cracker from stealing information or inserting malicious scripts that might affect and damage not just the website that was targeted, but all the websites on that server.

After the site is down, we contact the client and explain the situation with their site. We let them know that we’re working on it and trying to solve the problem as quickly as possible. After we have made contact with the client and explained the procedures, we look through the files to check which have been infected or inserted into the website. Once we have checked, we remove or clean all the files that were infected in the attack.

We then check for security holes and try to find out how the website got cracked so we can fix the issue and prevent future attacks. The majority of issues are related to WordPress because of outdated plugins, as well as WordPress being an open-source platform that is used for millions of websites and users.

After we double-check and confirm that the website is no longer infected and is completely clean, we put the website live again and contact the client to explain what the issues were and what we did to fix the problem, and to let them know that their website is up and running again.

How Do We Secure Our Servers?

We have many firewalls and scripts running 24/7, and we also block ports to prevent any kind of access outside of our main building; the only ports that we allow are email, FTP and HTTP. We have a monitoring system that alerts us if any file on our servers has changed, which makes it quicker to identify whether a website is being attacked or was attacked so we can take the necessary action.

Sometimes, even with all the firewalls and scripts running, we can’t prevent attacks from crackers because of certain website platforms. As you know, nothing on the internet is 100% secure from attacks, but we always aim to be as up to date as possible with the latest security software and ways to protect our servers from crackers. That’s why we check for updates on our systems and servers every week.