Avoid getting hacked like the CRA website
One of the biggest news in the tech industry of Canada happened in August 2020 – the Canada Revenue Agency (CRA) website got hacked. It was not just 1 cyber attack, in fact as per the news sources there were 3 back-to-back attacks. The approach used was pretty simple “Credential Stuffing”.
Credential Stuffing in simple terms means where hackers use passwords and usernames from other websites to break into a specific website. This approach is time and again used by hackers to run bots which randomly target websites and use this approach to penetrate and hack the website.
We know, first question that you would ask is “Why should I be concerned. Mine is a basic WordPress website”. The answer is your “wp-admin” access. If that gets hacked, then your entire website is compromised. If your website is compromised, Google does not index it anymore. If Google does not index your website anymore, your SEO & SEM strategy will not yield good results. If you do not get good results, your money invested in operating & marketing your business online is getting wasted. Phew !! So the bottom line is “Your money gets wasted even if you do not have any important information on your website”.
We know that you do not have the resources like Government of Canada to deploy on their website to get it back up within a couple of days and also restrict the damage, but by just following the best practices and investing in inexpensive plugins and softwares can help reduce the probability of getting hacked by as much as 50-70%.
Can’t figure out where to start? Don’t worry. Start by updating your admin password every 30 days and do not reuse old passwords. This itself will reduce the probability of getting hacked by “credential stuffing” by 50%.