It’s time to get serious about threats to your WordPress website. The SiteLock research team has investigated the types of attacks WordPress users can expect in 2016. Let’s take a look…
Attackers will continue to exploit vulnerable WordPress installs to serve spam or redirect unsuspecting users to malicious sites in 2016. Once a vulnerable WordPress install is compromised, usually through a vulnerable plugin or theme, attackers upload or write thousands of spam files to the site and then use poisoned search engine indexes to drive viewers to those malicious pages. We’ve seen multiple forms of adaptation for how spam content is created and hidden leading up to 2016, and the new year will surely bring more approaches to serving spam.
Brute force attacks are a constant if you have a presence on the web. Brute force attacks in this case are where an attacker attempts multiple logins using different passwords for a user to gain access as that user. Like spam attacks, WordPress login brute force attacks have evolved leading up to the new year, and the low investment, high gain tactic will continue and likely increase. In fact, we’ve already seen an increase in distributed brute force attacks on some high profile sites.
Briefly, ransomware is malicious software that encrypts files on a workstation or web server and demands a ransom in Bitcoin to decrypt them. The use of ransomware is quite profitable for criminals with Ransomware as a Service (RaaS), and new innovative variants of ransomware are becoming the norm.
As we touched on in a previous post, ransomware has started to target websites. While these types of attacks aren’t prevalent at the moment, we wouldn’t be surprised to see them rise and become a legitimate concern for the WordPress user base during 2016.
Defacements consist of the changing of a site’s front page into something undesirable: a political statement, message to the site owner/admin about lax site security, or a promotional message about the defacer or defacement group. Defacements use any vulnerability available on a site to upload or write the malicious page to the server. Here is an example defacement promoting the defacement group.
Defacements have been a fact of the web from its early adoption. The technical impact of most defacements is usually low, though the impact to reputation and sales may be significant. Expect the rate of defacements to continue, if not rise, due to recent world events.
While cyber criminals continue to ramp up their assaults, you must take control over your website’s security and exercise the utmost caution. Through precautions such as malware scanning, DDoS mitigation, web application firewalls and more, you can fight back in 2016. To learn more about implementing these technologies in your website contact the SiteLock team at 855-759-1108.