Episode 262: Is Your WordPress Website Targeted By Hackers
Rob Cairns talks about if your WordPress Website is targeted by hackers. He gets into how hackers function and what they look for.
Hey everybody Rob Cairns here.
I wanted to talk a little bit about WordPress security.
Again and what I wanted.
To talk about was this whole notion that security attacks are always target attacks.
And I would strongly begin to differ.
There are some things that are targeted.
When we have.
A denial of service attack?
A DDoS attack?
On a bank that very well could be targeted or on an organization during an advent.
That could also be targeted.
And those are certainly targeted attacks.
But in this security world, especially with word press, one of the things that happens is.
We have what’s called script kiddies.
And basically what script kiddies arm is people that buy little hacking scripts that run around on the Internet.
And they basically.
Search certain websites for known issues or known vulnerabilities.
So let’s kind of layout an option.
So say there’s a website that has a plug in.
That has a known vulnerability and what’s called the plug in plug.
In aid, for example.
What they’ll do is Subiya script kit that includes looking for the vulnerability the plug in a has.
And when they get.
That has that vulnerability and they find it.
And what these scripts do is they search website after website after website.
It will install its malware payload.
Now, interestingly enough, it’s worth mentioning that malware might not get triggered.
For two months later.
So if you’re.
Not scanning your site to make sure it’s clean. That’s problem #1.
Problem #2 is, the minute vulnerabilities become no one i.e. They’re patched, you better patch yours because old vulnerabilities are out there.
The script kiddies will go working and #3. The thing you gotta be aware of is what’s called 0 days and zero day vulnerabilities are very simple. The vulnerabilities that get announced right away. Not through always proper disclosure, but sometimes.
And there’s no fix available for them.
So that’s the thing you’ve got to understand about a zero day.
The bottom line is these script kiddies don’t care what.
Vulnerabilities are running the songs that the vulnerabilities are looking for and then you use your site.
It might be for SCO spam, it might be to infect other sites and might be the steal credit card data and so on and so forth.
So what you gotta be really careful of?
That you patch your website on a regular basis and if you’re not gonna do.
Frankly, you need to hire somebody to do it for you.
And if you wanna chat about that, you can always e-mail me firstname.lastname@example.org I’d be glad to.
But keep in mind, in most cases you’re not targeted.
You’re just a victim of somebody looking to find out what holes they are and what they can do with your site.
And by not patching, not only does it cost you to get it fixed, but it potentially could impact your reputation.
Does somebody want to do business with somebody that’s been hacked?
Do you want to do certainly credit card business with somebody website that’s been hacked?
Think about that.
And think about.
Maybe you should hire a professional, not wait till it’s too late and deal with it.
Rob Karen, CEO, founder and chief creator of amazing ideas of stunning digital marketing, talking about a little bit about script kiddies and dumb.
You’re not necessarily targeted, you’re just.
A victim because you have a security vulnerability.
Have a great day.
Bye bye for now.