Posted on March 5, 2019 at 7:32 PM
WordPress has long been a favorite, but it also powered 90% of hacked CMS sites in 2018. How can you protect yourself, and what are they after?
Fans of the popular content management system (or CMS), WordPress, may be surprised to hear that it accounted for about 90% of all hacked CMS sites in 2018. Web security and protection platform Sucuri blamed the hacks on a variety of weaknesses, including WebMasters failing to ensure they were running an up-to-date version of their CMS. User-error aside, however, Sucuri assures us that most of the infections were as a result of component weaknesses, such as themes or plug-ins.
How Updating Can Protect You
Looking at the case of Joomla!, a competitor of WordPress, it is clear that running a current CMS should be a priority for webmasters. It accounts for only 4.3% of total hacks in 2018; of those, 87.5% were found to be outdated. A similar story can be found with OpenCart, which boasts .4% of total hacks, 91.3% of which came from outdated CMSs. In total, 44% of all infections originated from CMS platforms that are outdated.
In some cases, however, just running a current CMS isn’t enough. E-Commerce sites such as these occasionally lag behind in updates, especially when hacking capabilities grow and morph regularly. The risk of breaking functionality with constant new updates is daunting for many, resulting in even the most “up-to-date” versions of some CMSs being incapable of providing adequate protection. For hackers determined to access valuable customer information, out-of-date sites like these ideal targets to find anything from credit cards to personal details.
They’ve Hacked Their Way In! Now What?
So they’ve taken advantage of the outdated CMS and component weaknesses and successfully hacked a small WordPress site- now what? According to Sucuri, the next step 68% of the time is to create a “backdoor”, which is a way to continue to access the hacked site. This backdoor will ensure the hacker unauthorized access to this site for as long as they need it, with full capabilities.
There’s an added danger of attracting other hackers, too; attackers frequently scan for backdoors left open by others to target and abuse. 56.4% of the time, this compromised site is used to host malware, or software specifically designed to damage or gain access to another system. This is the “traditional” computer virus most frequently associated with visiting hacked or unsafe websites. However, slightly more than half the time (51%), SEO spam pages will also be created and deployed.
SEO spam is the fastest growing type of Malware; up over 7% from just one year ago. This difficult-to-detect type of hacking will often result in the site becoming infected with great deals of spam, links to fraudulent sites, or unwanted advertisement. Often, there will also be attempts to take advantage of site rankings on search engines, giving it (although highly unethical) a strong economic motivation. This practice, caused Search Engine Poisoning (SEP) attacks, abuses the system of site ranking for profit.