NIBA - Celebrating 35 Years
Back to Journal
Trading Technology

Why Hackers Hack Websites: Securing Your Website for Compliance and to Protect Your Business

N
Written by
NIBA
Published
Reading time
4 min
With the upcoming cybersecurity requirements by the NFA and nearly every regulatory body overseeing financial service industry participants, it’s important to not only comply with cybersecurity regulations but to use this as an opportunity protect your business’ website. Many businesses believe their website isn’t important enough to require website security for the following reasons:
  1. My company is too small
  2. My website doesn’t store sensitive client information
  3. My website is not that important to their business
Hackers don’t discriminate by business size, may or may not target your client information directly, and will damage your brand reputation. Here are reasons why hackers hack websites: 1. Vandalism and activism By switching out your home page with messages supporting questionable organizations such as hacker or terrorist groups, hackers are able to spread their message on your website. 2. To host illegal or objectionable content Media such as photos, video, or audio are stored on your website providing hackers with free illegal storage. 3. Improve search engine rankings Hackers hide links and keywords hidden inside HTML that can only be seen in the code or website scan to boost visibility and rankings of other websites in search engines. 4. Send mass spam emails Most websites have the ability to send email. Hackers leverage servers to send mass emails for fraudulent or illicit offers. 5. Steal customer information The type of attack most people think of when they hear hacking. This is the theft of customer data from a website ranging from names and email addresses to more sensitive data. 6. Run scams When a website is hacked to sell fake goods such as video game codes, software, pharmaceuticals, etc. by replacing webpages on your website and sending purchasers to your website to enter credit card info. 7. Attack other websites Code is stored on your web server and used to attack on other websites ranging from spam to denial of service (DDOS) attacks. 8. Spread malware and viruses Your website is infected with malware or viruses that are passed on to website visitors. This can range from spying programs to adware. Hackers often employ botnets, an army of servers that search the internet for websites and servers with specific weaknesses it can exploit. Unless an attack is personal or specific, the majority of attacks are performed by robots to carry out a hackers wishes. These botnets attack websites of all sizes and don’t discriminate. Once a website is hacked it can be very difficult to restore it to its original state. Websites without backup can be hacked without repair. While a denial of service attack can make it hard to even get your website to load as it is constantly flooded with traffic, and websites that have been hacked or are sending out malicious traffic can be blocked and even banned from Google.   How to Prevent Having Your Website from Getting Hacked While there is no way to completely protect a website from being hacked, protections can be implemented at very reasonable costs. Also make sure your web developer has properly secured, configured and maintains the web server it is hosted on, and that the website itself has the proper security applications installed. This includes keeping the Content Management System such as WordPress current with the latest updates. My company, Gate 39 Media, specializes in working with financial services firms and we recently released a Website Cybersecurity Checklist for firms of all sizes which you can download and use as a check list of tips on securing your website. By following the tips above and taking the precautions in our checklist, you’ll likely be in compliance with the cybersecurity requirements for your website and have the comfort that your website is protected. Shane Stiles is the President of Gate 39 Media a financial services marketing firm providing online marketing and application development for financial services across futures, equities, alternative investments and insurance.  

Stay Informed

Subscribe to the NIBA Journal for the latest insights and industry updates

Related Articles

View All
Trading Technology

Utilities Look Beyond Fintech to Create Innovation in the Market

Fintech is more than just a buzzword. Fintech represents the innovation in services and technology that will disrupt business models, business processes and software applications in the coming years, in nearly every financial services business globally. Examples abound in digital strategy and transformation, blockchain and distributed ledgers, and more. But where do industry utilities fit into this exciting new world of innovation? Utilities are another form of innovation that take the operations and technology processing that is replicated over and over again in the industry and consolidate it into a single, standardized operating model. The goal of utilities is to shift the responsibility for maintaining and investing in non-differentiating processes and technology to vendors, so seeing the words “utility” and...

Trading Technology

Cyber Security

While attending the recent NIBA conference, we learned about new rules affecting our industry. Brokers will no longer be able to email client documents to their customers, clearing relationships, or service providers without being highly aware of their duty to protect client information from would-be hackers. This is big adjustment for the industry. Just as we adapt to the fluctuating Chicago seasons, in time, we will learn to adjust to these new rules as well. At Midland, we provide administrative and custodial services for futures accounts for individuals that are using IRA money to invest in these products. As the administrator, we require documents to setup and fund these investments: account statements, FCM paperwork, CTA disclosures, letter of direction, and...

Trading Technology

Cybersecurity: Before & After the Breach

Security breaches are quite prevalent in the media today. Many security experts feel it’s not a question of if your company will suffer a breach of your information, but when. A panel at the NIBA Annual Members Meeting recently explored this topic. Preparation for a potential event is key to being able to address it. Information Technology (IT) enterprises of all sizes need to know exactly what data they have, where it is stored, and what the potential threats to the data are. Even small companies need to pay attention to the basics of securing their computing environment. These include: • Timely patching of operating system and other software • Using strong passwords for machine access • Performing backups of...