In 2019 we saw a surge of hacking and malicious cyber activity, mainly due to the ever-increasing battle between theme/plugin developers and the hackers that try to exploit their code. According to Estevao Avillez, Senior Director of Security Engineering at Securi, there is a 60% increase of vulnerable websites in 2019.
This means that there is a good chance your website is not protected from one of these attacks. So how vulnerable is your website to hacking in 2020?
Why Has Website Hacking Increased?
Increased Understanding of Third Party Technology
With great technology comes great…vulnerability.
With ever-expanding features being added to different Content Management Systems like WordPress every day, it opens up a host of opportunities for hackers to put their code into these new developments. That is why it is crucial to constantly update your plugins, widgets, and themes frequently. WordPress isn’t the only platform struggling to patch up its code. The FBI issued an alert on April 23 after detecting two hacking attempts by cybercriminals to send fraudulent SWIFT messages through third-party vendors “to initiate fraudulent money transfers“.
One reason 2020 is such a dangerous time for security is the global pandemic caused by Covid-19.
Jerome Segura, director of threat intelligence at security firm Malwarebytes, said in an email that his company has also seen “an overall increase in malware campaigns using coronavirus/COVID-19 as a lure.” He added that the hackers appeared to range from sophisticated, state-sponsored attackers to ordinary cybercriminals and that the malware aims to do things like steal banking credentials or logins to work-related accounts. Read more about these schemes here.
According to a report by RiskIQ, Kaspersky Labs’ researchers observed that, since March, cybercriminals are “targeting networks with remote desktop protocol (RDP)” by using compromised account credentials and automated tools. Through this method, cybercriminals can “steal data, drop malware, or target the network via ransomware”.
The company Zscaler reported a 30,000% increase in phishing since January of malicious websites and malware, targeting corporations and customers, related to COVID-19. IBM witnessed a 6,000% increase in Covid-19 spam from mid-March to mid-April.
According to the company, “small-business owners and consumers could be the most vulnerable to scams.”
Be Careful Out There
Extra precautions have to be taken, at every level of business. Zoom users are now being targeted by a phishing attack that sends fake Zoom meeting notifications informing users that their contracts will be suspended or terminated. If users click on the link, they are sent to a phishing website similar to a Zoom sign-in page to input their credentials.
But by far the most damaging hacks are the ones that come from your own website. Your company will not only lose customers from your mistakes, but it will also lose time and money dealing with fixing the issues. Most importantly, your company will lose trust. If you do not have a plan in place, you are one of the 60% who is not ready for an attack.