Our Business Webpage was HACKED…TWICE! What was our SOLUTION?
On a typical Wednesday morning I get to work and check my e-mail, only to find a client telling me “What’s up with your website?” I didn’t think much of it, but I did open it up to a horrific site. Some ill-intended hacker had filtered his way into our webpage and posted an image of a religious fanatic holding a machine gun and wearing a face veil similar to a Niqab most typically worn by women, covering all but his eyes. Needless to say, it was striking (see image).
I went into panic mode for about 10 minutes. I then called our hosting company and asked them to disable our site entirely. Notified our programming team and asked them to find out which files had been corrupted and run a full audit of the hack. It took about 3 days for them to find out that most of our web files were corrupt. Fortunately, they were able to clean them up. However, when we tried to upload them back, it wasn’t possible.
We went back to our hosting company to find out what was happening and it turned out that our domain was “blacklisted” because we had “violated their terms”. Of course they knew it wasn’t us, but their policies and protocols allowed for them to bar us.
The solutions they offered included buying a new domain, which in part meant we had to change our company name, which is a registered trademark. That wasn’t going to fly!
The other solutions were similarly difficult to implement, including having e-mail hosted with them but the domain hosted with another company that offered other secure Internet protocols. Apart from the time investment, there were considerable pecuniary expenses made throughout the ordeal. Our business and some of its main client functions run through our site, so this was beginning to take a toll on our performance and bottom line, not to mention that we were running out of ideas/solutions.
I didn’t mention the first attack because I barely remember it. I know one of the programmers was able to solve the first one without much trouble. Clearly, though, there was an opening for further attacks, which lead to the second attack.
So, after deliberating for a few days with a blank page as our webpage (and our brainstorming ideas board), I thought about what it meant to have a webpage. For starters, it meant a window to the rest of the world. It’s also a business card or presentation, information for clients and potential clients, a business traffic driver, and ultimately, trust and reliability. All in all, it’s something a business nowadays cannot go without. However, for a business like ours that relies entirely on the Internet to offer services, it means the whole world (literally, we work with clients that require multilingual services and we work with the best we can, which means finding the best of the best, wherever they may be, be it China, Colombia or the Kingdom of Bahrain).
We began thinking about social media, and how modern business uses social media to reach out to their crowd and potential business. Our webpage didn’t have much of that, and I knew we were missing out.
So what did we do? We called the hosting company, thanked them for their squared solutions and asked them to please forward our domain to our Facebook business page. We had already opened our Facebook portal years ago and were regularly updating it. But now was our chance to actually collect an audience that we knew, to capture some real analytics and have our voice be heard by a known public. We can now interact with our audience and have an open communication with them.
Now, if that hacker or any other Internet tormenter tries to hit Facebook, I would expect FB to have the muscle to tackle them to the ground.
It turns out this hacker ended up forcing us into a better position in the end by pushing us to revamp our social media strategy that allows a direct communication with our audience. We are now exclusively using https://www.facebook.com/trustlations as our main page, while working on a new translation portal using the highest security standards, which we hope to launch by April of 2016.