Earlier this week we shared a story that hackers loyal to ISIS recently hit a few church websites, among others. Before we go so far as to call this full-on spiritual warfare, as some have already done, let’s take it down a notch. Do a quick Google search and you’ll find lots of other recent ISIS web hacking victims: news media, local government organizations, airlines and even Taylor Swift. So it does seem that churches are not being targeted specifically. It’s not you they’re after, it’s everyone.
But even if churches were targeted specifically, is this really a big deal? Well yes, and no.
Let’s start with no. The fact that it was ISIS-related shouldn’t matter much. Should it? Unless you plan on caving to hacker demands or starting your own cyber attack squad, who did it shouldn’t matter. Let the FBI handle it. If your church site was targeted tomorrow, it probably wouldn’t matter to you whether the hacker was a member of ISIS, a disgruntled former congregant or a tech-savvy kid just having a little fun. The real issue is that your website was hacked.
And now the yes—this is a big deal. Incidents like this remind us that cyber security is pretty important. They remind us that at any moment our websites and social media accounts can be hijacked by those intending to do harm. Let’s use these incidents as a reminder to double-check the security of the church’s website and social media accounts.
- Make sure to use solid passwords or a password service like 1Password or Last Pass.
- Change the passwords on a regular basis.
- Don’t use the same password for multiple accounts.
- Don’t forget all your far-flung social media accounts. Every one needs a solid, unique password.
- Keep software and website plugins up to date.
- Consider using security software. If you’re on WordPress, the free iThemes Security is one option.
Remember: Your security is only as strong as your weakest password.
Finally, know who to call if things go wrong or you suspect an attack. Have contact information for your web developer and hosting service easily accessible. If you use an outside company to build and host your church site, don’t be afraid to ask them about how they intend to protect your site.
No one is immune to online attacks. But rather than over-spiritualizing the issue, let’s see this as an opportunity to double-check that our security is up to the task.