There is a cyclical pattern in web security. When a back-door or flaw is discovered in the code, the word spreads pretty quickly. The bad guys start finding ways to exploit the issue and the good guys start working on a patch to fix the problem. But no matter how great a solution the good guys come up with, it does nothing if those managing (or not managing) the site don’t take any action.
In 2017 approximately 143 million Americans had their personal information stolen during the Equifax Data Breach. It would later come out that a patch for the web application Equifax was using that been released 2 months prior but the system was not updated, allowing the breach to occur.
Maintaining the current version of WordPress and WordPress plugins is so important because most hackers are not looking for a new way in, they are specifically targeting sites that are still running old versions of software that is known to have been compromised. It’s a little like leaving your front door unlocked and then putting a sign in your front yard announcing that your home is not secure or monitored.
It’s helpful to understand most website hacks – the most common for businesses – don’t happen from the disgruntled “hacker” in their mom’s basement. Typically, the hacker creates a program that scours hosting servers looking for known vulnerabilities in outdated or unsupported versions of WordPress, or WordPress plugins.
The program, aka a “bot” finds an outdated or known vulnerability, and based on it’s programming, will perform it’s goal of uploading a virus, malware, spam links, or start sucking bandwidth from the server to mine cryptocurrencies and bring your site to a dead halt. Or, another very simple program for this type of bot would be auto-creating users for the hacker who then can manually accomplish their nefarious goal and wreck your investment and growth.
What does this mean for you and your organization? The level of damage that comes from getting hacked can range widely, but it’s certainly never positive! At the very least it’s a reputation issue for your business and at the most it will bring your business to a grinding halt and compromise the private information of your clients.
Mitigating your site’s risk of being hacked is possible. We can help. Our goal is to create a better, safer, more secure and patched web for the world. And, of course 100% security is a myth (see Yahoo – Uber etc.) which is why we take and store clean versions of your site incase a breach were ever successful. We’d have the hacked version down, and the clean version back online in short order!
Protect your investment in your digital real-estate and more importantly your hard-earned reputation by allowing us to maintain & protect your online presence.