Over the weekend, a number of websites were hacked and defaced by a group claiming to be ISIS. While the FBI is reportedly investigating this act of cyberterrorism, there is no concrete evidence that it is linked to the Islamic State. In this case, claiming ties to an extremist group may be more about the shock value than an international threat. This is not the first time that a hacker has claimed to be linked to ISIS.
It is common for hackers to deface websites with their “calling card”, the image and message left behind to deface the webpage. In this case, it was a black banner with the ISIS flag. It included the message “Hacked by Islamic State (ISIS) We Are Everywhere ;)”. Images like this can distract website admins from the real problem: hackers usually leave a backdoor or two so they can access the sites later. These backdoors allow hackers easily enter websites, even if the administrator has changed the password.
Some reports suggest that these hacks are related to a plug-in vulnerability in WordPress. WordPress is currently the most popular blogging system, used for over 60 million sites. However, these hacks did not occur solely because these websites use WordPress as their platform. It’s the updates and the plugins that you have to be concerned about.
Outdated software is one of the biggest exploits that cyberattackers use to hack websites. In fact, it can leave your whole computer system vulnerable. Software is updated or patched to fix bugs and improve functionality. If these updates aren’t performed, your system is left with holes for attackers to use.
Protect Your Website From Being Hacked
The best way to protect your website is to keep everything up-to-date, and to use a website security service. The security experts at SparkTrust Certified can monitor your website 24/7. If there are any issues, you get alerted right away. Websites that have been hacked, or infected with malware, are immediately cleaned, so they are back online as soon as possible. Sometimes this is only a matter of hours. If a site is blacklisted by Google, SparkTrust’s reputation and industry relationships often result in a faster response time than if you were to contact Google yourself.
Take care of your website to avoid a hack like many experienced this week. Website hacks are not usually a personal attack, but an exploit of system weaknesses. Make sure that your platform is updated to the latest version, and that all plug-ins are up-to-date. If you don’t have a lot of time for site maintenance, have security professionals, like those at SparkTrust, take care of it for you.