SUCURI release Hacked Website Report for 2016 Q3
This is the third Hacked Website Report issued by SUCURI.
This third quarterly report continues to shine a light on the changing threat landscape.
It also highlights those kinds of websites that are most likely to come under attack by hackers.
All websites are of course in the cross-hairs of hackers, but some make more tempting targets than others.
Some Q3 Report Findings
Whilst this report focuses on Wordpress, it does provide lessons that need to be taken on board by owners of all kinds of websites, including Joomla!
What stands out for us in all three quarterly reports seen so far is the imperative for Joomla! CMS users to focus on website security.
Most targeted CMS
Wordpress continues to be the most attractive open source content management system (CMS) target for hackers.
One possible reason might be that Wordpress is in more widespread use globally than other CMSs with resulting economies of scale for hackers.
Most targeted type of website
eCommerce websites make nice juicy targets for hackers.
- If you run one you had better focus on security.
- If its open source then doubly so.
Magento, for example, continues to be heavily targeted by hackers.
Most likely reason for getting hacked?
"There is currently a sharp decline in the knowledge required to have a website, which is breeding the wrong mindset with website owners and service providers alike." Source: SUCURI Hacked Website Report Q3 2016.
Read all three quarterly reports together (Q1 -3, 2016) and you cannot but draw the conclusion that the biggest contributing factor to the continued success of hackers is the inadequate level of maintenance undertaken by website owners, including:
- not running the latest available release of CMS and 3rd party extensions,
- not running the latest available release of PHP and MySQL 1,
- not performing regular back ups,
- not installing or inadequately configuring Web Application Firewalls.
1 Whilst web hosting companies are the ones who control which release of PHP and MySQL runs on their shared servers, website owners should be holding them to account and moving their website when their requests for updates are ignored.
In this section of the report the researchers include a nice pie chart indicating the most common files they see have been modified by hackers: index.php. header.php and .htaccess.
The report also states that the number of files cleaned by SUCURI per hacked website is on average 92 (up from 80 in Quarter 2).
What should we conclude from this fact?
That fixing a compromised site is far from straightforward.
Unless of course you made a full back up before the hackers got to work!
Neglect performing frequent backups at your peril.
Read previous reports
WYNCHCO Joomla! CMS Support
We coach, help and support managers with responsibility for Joomla! websites in organisations across Cheshire, Manchester, Merseyside, North West England & the UK.