Many WordPress and other CMS sites are being hacked, mostly in a randomly selected fashion rather than being targetted. It would not be professional to name any sites but currently a great many New Zealand sites show up in Google as hacked.
This hacking is usually indiscriminant – the hackers search and find many vulnerable sites and try out various exploits in order to compromise the site. Or in a lot of cases, these operations are automated and the whole process may not involve a real person, or only at the point where intrusion has been successful.
The targets range from small to large sites but the common factor in a hack is that a person or process has found a way into the site through some sort of security hole. This might be via leaked login information, or a badly coded plugin, or an unsecured or old version of the CMS. For instance, a WordPress installation that has not been updated for 6 months will be vulnerable to a number of attacks.
Some New Zealand web developers seem to be behind in the security game – not aware of, or not taking the level of hacking attempts seriously. This can range from not advising new site owners to keep all site components updated, or not taking on that management role themselves.
Most site owners will not be aware of the ongoing requirement to keep their website secure and up to date, and so should be given a security and maintenance plan at the very least. Such a plan should include the need for regular checks of website components for updates, and the need for offsite backups.
If you are a website owner and this is all news to you, Hybrid can help you with either a maintenance plan, or can take over the maintenance of your site.
If your site has been hacked, we can help with the recovery and cleaning process. You will need to provide us with various information so that we can access the back end of the site. Use the contact form and let us know what you need.