WordPress Sites Under Hacker Attack
New research from Imperva has shown that WordPress websites came under attack from hackers 21.9 percent more times than sites running on other CMS platforms combined.
According to a report from betanews, WordPress sites are more likely to be attacked than any other site with WordPress websites suffering 60 percent more XSS incidents than all of the other CMS platforms.
The research from Imperva also found that WordPress sites are more likely suffer a lower number of incidents per specific attack but were however also more likely to be vulnerable to higher traffic volume for each type of attack.
Imperva said: “We believe that popularity and a hackers focus go hand in hand”
“When an application or a platform becomes popular, hackers realize that the ROI from hacking into these platforms or applications will be fruitful, so they spend more time researching and exploiting these applications, either to steal data from them, or to use the hacked systems as zombies in a botnet”.
Anyone who runs a retail site through WordPress is more at risk than other forms of websites as hackers tend to prefer to attack these sorts of sites according to Imperva.
More than 48 percent of all attack campaigns on WordPress were found to be targeting retail applications.
According to Betanews, Amichai Shulman, chief technology officer at Imperva, said: “Looking at other sources of attacks, we were also interested to find that infrastructure-as-a-service (IaaS) providers are on the rise as attacker infrastructure. For example, 20 percent of all known vulnerability exploitation attempts have originated from Amazon Web Services. They aren’t alone; with this phenomenon on the rise, other IaaS providers have to worry about their servers being compromised. Attackers don’t discriminate when it comes to where a data center lives”.
Ilia Kolochenko, CEO and founder of High-Tech Bridge, said: “For upwards of a decade, the major CMS platforms such as Joomla and WordPress have been deeply researched by both black and white hat hackers (some well-known CMS even changed names during their development). Today it would be fair to say that the vast majority of data breaches are directly or indirectly related to vulnerable web applications and compromised websites”.
WordPress are continually working to protect their users make sure you keep up to date with updates and especially updates for any plugins that you may be using as this is where many attacks can take place.