“The most aggressive campaign we have seen to date”
Early Tuesday morning, WordFence, a WordPress cybersecurity service, posted an alert of a massive brute force attack campaign that was mounting by the second. By the time the world started waking up, the campaign had peaked at 14 million attacks per hour. This means that this WordPress cybersecurity breach is, according to WordFence, “the most aggressive brute force attack in WordPress history.”
In a brute force attack, automated software is used to generate a vast number of consecutive guesses for certain data (in this case, passwords). So far, the vast majority of attempts have been unsuccessful, but the scope of this particular attack sets it apart from the rest.
What to do
If you already have RLM’s OverSite™ website maintenance, there is no need to worry—we have already made the necessary updates for you.
If you do not have OverSite or a similar web patch and update service, it is important to quickly make the following changes.
- Update your password to something more complex. The password generator tool on the “Your Profile” screen is a great resource. Don’t use any password that you have used before on WordPress.
- If you have an admin-level account that has the default username “admin”, change it.
- Delete any unused accounts, especially unused admin accounts. The less “doorways” you have to your website, the lower the chance of an unauthorized entry.
Understanding WordPress Cybersecurity
As we continue to watch this attack unfold, it’s important to spread the word so that other web owners can take action. Be sure to spread the news via social media and similar channels, and investigate firewalls and other security measures which can strengthen your security. Finally, consider investing in a regular website maintenance service. When your site is regularly patched and updated, your risk for a cyberattack significantly decreases.
A note: WordPress is the most popular content management system in the world, and supports more than 60 million websites. WordPress cybersecurity breaches of this kind are usually due to poor website management, not the platform itself.
If you would like to discuss the status of your website, please feel free to give us a call.