Yesterday, I was attacked by bots. Basically, one bot attempted to log into my site over and over, eating up bandwidth until my host provider just took the whole thing down — so if you tried to read my blogs or buy a Localist book yesterday, you were out of luck. Because of a LOT of work from my web developer, I’m back up and running today, but why was I hacked at all?
Spambot Attack Theory #1: Targeted by Amazon
Maybe the bots who read my Localist ebook on Amazon reported to their corporate overlords and Jeff Bezos is sitting up in an ivory tower someplace, Dr. Evil-style, pleased with his first attack and readying himself to send an army of drones to my house for round two.
Spambot Attack Theory #2: Revenge of the Spambots
Is it any coincidence that I got attacked by spambots just days after I began mocking spambots with my Twitter? See, bots leave comments on blogs in the hopes that the content will get approved and their sponsors will have a link that helps make them look more legitimate to search engines, but their comments are often awkwardly worded — because they’re written by robots or by non-English speakers — and I’ve been tweeting some of their ridiculousness. So maybe we’ve reached the singularity, bots have developed consciousness, and the first thing on their agenda is attacking Carrie Rollwagen.
Spambot Attack Theory #3: Hackers Targeted a Small Business (This Is Probably What Actually Happened)
Okay, okay. I know I’m probably not being targeted by Amazon or by artificially intelligent bots. It’s way more likely that bots weren’t after me at all, but were attacking Church Street Coffee & Books (our website accounts are linked). According to a conversation I had with an MIT researcher when I visited Boston on The Localist book tour, small businesses are huge targets for international hackers. Most small businesses have extremely poor security. These hackers exploit their vulnerabilities by taking not only their passwords, but also by cracking financial records. Essentially, they hold the sites hostage until the business pays the ransom, and they know exactly how much ransom the business can afford, because they’ve checked their financials as well — according to my source, they generally set an amount that’s fairly low as far as blackmail goes, betting that most businesses would rather just pay it and get their site back than go through costly and complicated security procedures.
What’s the solution for this? I don’t really know. It’s tricky and convoluted, and that’s why hackers are able to game the system in the first place. It would probably help if small business advocate organizations had programs to help small businesses protect their sites better. It might be good to explore a legal or federal process for prosecuting hackers who attack sites this way (and to make it accessible for small businesses and individuals instead of just huge institutions who can bankroll expensive lawsuits). Even better, there’s an opportunity for computer geniuses who know how to prevent this kind of thing to contract out to help small businesses learn how to protect themselves, or for locally owned companies who build and host websites to prioritize security for small businesses. (Most of them — like Infomedia, the Birmingham-owned company I work with — already do, so a small business wanting to prevent this kind of problem could contact a web development company to help protect them from potential attacks. Depending on the size of the business, though, this option can be fairly pricey.)
Whatever the long-term solution, the best thing most of us can do is keep shopping at small shops. It’s lack of money that keeps most local businesses from dealing with this in the first place, and the number one thing we can do to help with that is to keep shopping with them. In the meantime, I’ll be beefing up my security (or actually, my developer will), and hopefully I’ll keep blogging despite the bots — and I’ll keep tweeting about them, too.
Carrie Rollwagen is author of The Localist: Think Independent, Buy Local and Reclaim the American Dream, creator of 30 Days of Local Praise and co-founder of Church Street Coffee & Books. Find her on Instagram, Facebook and Twitter @crollwagen.