No website is too small or too unknown to be hacked. 43% of all cyberattacks target small business! An average small to medium business website is attacked over 60 times every day.
In addition, a low-profile website is a nice playground for hackers to try out new tools and techniques. Hackers will often use automated tools to find vulnerable websites and won’t discriminate when it comes to the size or nature of their target.
Web applications, even if they’re not targets themselves, will also be of interest to attackers. Web applications with sloppy security are easy pickings.
Also, while you might not operate an eCommerce business with payment information etc., there are still plenty of other assets, data and resources a cybercriminal would love to get their hands on. These include:
Drive By Attacks: Your site is used as a “launch pad” – someone visits your website and software is maliciously installed on their computer which then gives the hacker access to that device. Your site, in itself, is of no interest beyond its ability to be the vehicle that installs malicious software onto other computers.
Email addresses: The email list you’ve worked so hard to build could be a target for phishers and scammers.
Your website’s traffic: A type of malware called a redirect can automatically send visitors from your site to a malicious website.
Your keyword rankings: Google uses keywords and links in your site to tell it where to rank you in search results. “SEO Spam” is a type of attack that injects spammy keywords and links into your site and forces it to show up in results for the unrelated keywords, while preventing you from displaying in searches for terms actually related to your business.
Your visitors’ attention: Defacements, a type of attack that vandalizes your site, are often executed with the intent to push a political or religious agenda.
Also, keep in mind that you might have to rebuild some or all of your website from scratch if you don’t have a clean, recent backup to restore from.