
How to Recover from a Hacked Website Event?

Any fellow webmaster beyond the novice stage will agree that keeping his websites secure is always one of his top priorities. However, the number of exploits and tools available to hackers is so vast, and software technologies evolve so rapidly, that it is very possible, maybe likely, that you will experience a hacked website.

When addressing such an event, it helps to have a short checklist of tasks to perform in your recovery process. Doing the right things in the right order is key to maximizing your chances of a successful and complete recovery, and to mitigating future events.

Your ToDo List

Your ToDo list will contain 2 types of tasks: Preparation tasks and Action tasks. Preparation tasks make NO CHANGES to your web site or any related or underlying components AT ALL.

It is essential to understand this point clearly, because your FIRST action MUST be to make sure that the hacker has no way to continue accessing the system. ANY OTHER action that changes the website may alert the hacker that he has been discovered before his access has been blocked, and you do not want to trigger him into either doing MORE damage or covering his tracks.

Remember: once the event has happened, it must be treated not only as a reason to fix, but equally as a motivation to harden and secure.

 

  • Prepare: Reaction plan
  • Prepare: Battle sheet
  • Action: Take your system offline
  • Prepare: Clone your system to a testbed or staging server
  • Prepare: Scan your website for vulnerabilities; identify and confirm suspected intrusion point
  • Action: Fix the vulnerability
  • Action: Bring the fixed version of the site back online; whenever possible, you should redeploy the sanitized version of your website to a clean OS/Web Server setup
  • Prepare: Monitor your new and improved website
  • Prepare: Make a Reaction Plan for FUTURE events.
Irfan Shakeel
Irfan Shakeel is the founder of the ehacking project and also hosts cyber security training classes at EH Academy. He has discovered many vulnerabilities in famous platforms (such as Google, Dailymotion and Harvard University). He specializes in network hacking, VoIP pentesting and digital forensics. He is the author of the book titled “Hacking from Scratch”.
