Cybercriminals hijacked thousands of WordPress websites in September 2018. Learn how hackers carried out these attacks and what you can do to protect your business’s website.
Hackers hijacked thousands of websites in September 2018 and installed malicious code in them. All the sites were using the WordPress content management system. WordPress sites are a popular target for cybercriminals because they are so common.
The September Attacks
The security researchers who discovered the barrage of attacks in September believe that the cybercriminals accessed the sites through outdated WordPress plugins and themes. Once the hackers gained access, they modified the sites’ code for malicious purposes. For example, in some cases, the code sent site visitors to tech support scam pages. The cybercriminals also planted backdoors in the sites so they could easily access them in the future.
Don’t Become the Next Victim
Many small and midsized businesses use WordPress because it is free yet full-featured. If your business is one of them, you need to protect your WordPress site. A good place to start is to:
There are also other measures you can take. For example, if visitors log in to any part of your WordPress site, you should implement a password policy or possibly use a two-step authentication system. We can evaluate your site and devise a customized plan to protect it from hackers.