Why would your site be hacked?

"Editor's note: The site has been attacked by hackers, which is almost common in today's society, but why is this, do you know?" 】

The station is black is inevitable every holiday festival, is the hacker event frequently. Now to the new, hacker attacks will be endless, enterprises and institutions are also stepping up information security precautions, at the same time, the news of hacker attacks also followed.

1, April 20, 2006 China UnionPay suspected hacker attacks caused system failure, Beijing, Shanghai, Hangzhou and other major cities have been unable to cross bank withdrawals, POS machine can not be consumed, and so on; According to experts expect the attack and UnionPay implementation of a charge project, In fact, the charging program is also the most dissatisfied with the implementation of the situation enforced.

2, September 11, 2006 morning, China Mobile Communications Group website Hxxp://www.chinamobile.com was a signed "935fa12ec828a3f3" hackers tampered with the site's homepage, and graffiti: "Please mobile phone can be cheaper than ...", It was also hacked by China Mobile's brand dynamic Zone website (hxxp://www.m-zone.com.cn).

3, September 12, 2006 Baidu Company was hackers using a so-called synchronous flooding technology (SYN flooding) of the continuous attack, that is, through a large number of false IP address to establish incomplete connections, so that the service overload, so that Baidu can not provide normal services. And this is because of Baidu negative events constantly, such as Baidu's commercial customers for commercial disputes prepared to sue Baidu, and even someone to claim to create the incident hackers, the hacker said: "Do not like Baidu, especially the recent layoffs, and pole and Sohu, and other events, the way Baidu deal with his very dissatisfied, So decided black Baidu. "The senior hacker stressed that" black Baidu is only this ' hacker ' personal behavior. ”

4, November 6, 2006 Henan Personnel Department website was hacked, the same month 10th, the Judicial Bureau site also suffered misfortune. According to a deputy general manager of a network company in Henan, which has Zhengzhou government websites as a third party, the entire Zhengzhou and Nakata government website hardware facilities should be the best in the country. As for being "black", the reasons may be manifold. And according to experts explained: "The service consciousness is not strong, the website uses to fill the façade, this is almost the government website common disease, the service consciousness decides the responsibility consciousness, the service consciousness is not strong, the responsibility consciousness naturally also will not be good where, is ' black ' is also reasonable." "In fact, there are more cases, those personal sites, renting a virtual host site is not a way to enumerate." In view of the popularity of the Internet and the development of various hacker attack technologies, whether it is a commercial website or even an international famous giant website, or a nameless station, as long as the external access services, it will inevitably face the risk of attack, from the perspective of professionals, your site is black is inevitable, not be black is accidental.

Why are the sites hacked for reasons that are causing you to suffer hacker attacks? Of course there is a large part of the economic reasons, but not all of the attacks are economic. In general, the causes of hacker attacks are:

1. Hackers who are employed by others, such as malicious competition from commercial competitors, are attacked by hackers, as reported by the Internet Security Network: Hackers are hired to attack Western companies with malicious documents, which is a commercial competition.

2. Hacker attacks that are driven by commercial interests, extortion, theft of various types of bank account information and virtual property, such as all types of fishing activities are a commercial interest-driven attack.

3. Mischievous hacker behavior, such as tampering with the homepage of the website; this kind of hacker attack is often some novice's attempt behavior, more is for one kind of vanity satisfaction.

4. Collect broiler, attack a website, hanging on a Trojan horse (which can cause people who visit the site to be poisoned and make their computer an intruder); This category is for other types of attack reasons, according to the case obtained from the Internet Security Network community, the hackers even through this kind of behavior mastered tens of thousands of of chickens.

5. Retaliation type, such as the Web site services caused by the business disputes can not be processed when there will be hacker attacks, such as a certain period of time before the site is often inexplicable attacks can not normally provide services, authorities have pointed out that because of its Web site customer service is not in place, The cause of the bad customer caused the hacker to suffer from the injustice of DDoS attack, it is not so called its own alleged to be subjected to hostile attacks by competitors.

6. Theft of data types, such attacks are mainly targeted at a number of information sites, including toll users site, the general attackers will not destroy the server and Web site data, but will secretly steal the data as has been, such as stealing webmaster password and so on.

7. Rookie test type, this kind of general for some people who are learning hacker technology by attacking the site to practice hackers novice, such attacks generally less experience, easy to damage the site data.

8. Other reasons.

how to prevent your site from being hacked

1, the first to pay attention to site security, from the security system, security hardware, security personnel to be equipped with a certain plan. If the site owners do not attach importance to site security, only the site security as a technical issue, that is to bring serious trouble.

2, to do a good job of data backup, to prevent the unfortunate attack can be reduced to a minimum.

3, conduct security checks, take the initiative to carry out penetration testing, it is best to consider contacting professional third-party security services to carry out independent and professional penetration testing, to avoid the internal strength of the inadequacy and independence. This type of safety professional institutions, each has characteristics, such as Beijing's NSFocus, Shenzhen's security technology, Guangzhou's interconnected safety nets and so on, are the original "hackers" of the technical staff founded the network security company, full-time in the field of information security technology research and solution. ...

This paper collects and collates from the Internet, if you are the original author, please write a letter to change the author and source Post@chinaz.com (change # to @)