WordPress and DDoS attacks
During the first few weeks of the year, the Eastern Region Special Operations Unit (ERSOU) cyber unit has seen a dramatic increase in the number of WordPress sites being both targeted and used as bots in attacks on other sites, as part of sustained assaults on business servers using WordPress pingback DDoS tactics.
Content Management Systems like WordPress can unfortunately suffer from a number of vulnerabilities and weak points that attackers can exploit. One is to use a WordPress site as a reflector in a pingback attack against another website: the attacker sends the site a pingback notification claiming that the target page links to one of its posts, and the site obligingly fetches the target page to verify the link. A single request has little effect on its own, but attackers can drive thousands of WordPress sites at once, at a scale similar to some botnets, and launch thousands of pingback fetches at a website simultaneously without the WordPress owners' knowledge. Because the target only ever sees requests coming from the WordPress sites, the attacker stays in the shadows.
Not only does the target suffer a huge reduction in the performance of their website, but so do the unsuspecting WordPress sites doing the fetching, making this a double-whammy in terms of victim impact.
How to protect yourself
A few simple steps, using existing WordPress plugins, can help mitigate this threat. The pingback attack abuses XML-RPC, the remote-procedure interface WordPress exposes at xmlrpc.php, and specifically its pingback.ping method, which content management systems use to inform authors when another page has linked to theirs. Before recording a pingback, WordPress fetches the page it has been told contains the link, and that verification fetch is what the attacker points at the victim. If you do not need to receive pingbacks, disable the method by installing the Disable XML-RPC Pingback plugin from WordPress.org; it removes only pingback.ping and leaves the rest of XML-RPC (used by the WordPress mobile apps, for example) working. Note that unticking "Allow link notifications from other blogs" under Settings > Discussion only changes the default for new posts, so existing posts with pings open remain usable as pingback targets. On the receiving side, WordPress 3.9 and later add an X-Pingback-Forwarded-For header to the verification request carrying the address that submitted the pingback, so a target that keeps request logs can identify the real origin of the flood.
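The following added example (not part of the original bulletin, and not the plugin's own code) models both the reflection described above and the mitigation just recommended, using Python's standard xmlrpc module in place of a real WordPress install. The URLs are constructed placeholders, the dispatcher stands in for xmlrpc.php, and the hardened variant simply never registers pingback.ping, which is the effect the Disable XML-RPC Pingback plugin achieves through WordPress's xmlrpc_methods filter.

```python
"""Pingback reflection and its mitigation, modelled with Python's stdlib XML-RPC.

Added illustration, not WordPress or plugin code. Hosts are constructed placeholders.
"""
import xmlrpc.client
from xmlrpc.server import SimpleXMLRPCDispatcher

# Constructed placeholder URLs (not real sites).
REFLECTOR_POST = "http://wp-reflector.example/2015/01/hello-world/"  # a post on the unwitting WordPress site
TARGET = "http://victim.example/"                                    # the site the attacker wants flooded


def build_pingback_request(source_uri, target_uri):
    """Encode pingback.ping(sourceURI, targetURI) as the body the attacker POSTs to /xmlrpc.php.

    sourceURI is the page that supposedly links to targetURI. The attacker puts the
    victim in sourceURI, because that is the URL the reflector fetches to verify the link.
    """
    return xmlrpc.client.dumps((source_uri, target_uri), methodname="pingback.ping").encode()


def induced_fetch(body):
    """Return the URL a pingback-enabled reflector would fetch for this body, or None."""
    params, method = xmlrpc.client.loads(body)
    if method != "pingback.ping" or len(params) != 2:
        return None
    return params[0]


def make_reflector(pingback_enabled):
    """Build a stand-in for xmlrpc.php. Returns (dispatcher, list of URLs it 'fetched')."""
    dispatcher = SimpleXMLRPCDispatcher(allow_none=False, encoding="utf-8")
    fetched = []

    def pingback_ping(source_uri, target_uri):
        # Real WordPress issues an HTTP GET to source_uri here to verify the link;
        # we only record the URL so the example runs offline.
        fetched.append(source_uri)
        return "Pingback from %s to %s registered." % (source_uri, target_uri)

    if pingback_enabled:
        dispatcher.register_function(pingback_ping, "pingback.ping")
    # Hardened site: pingback.ping is never registered, so the call faults
    # before any outbound request is made.
    return dispatcher, fetched


def handle(dispatcher, body):
    """Feed a raw request body to the reflector; return (ok, result_or_fault_string)."""
    response = dispatcher._marshaled_dispatch(body)
    try:
        params, _ = xmlrpc.client.loads(response)
        return True, params[0]
    except xmlrpc.client.Fault as fault:
        return False, fault.faultString


def simulate_flood(reflectors, body):
    """Send one attacker request to each reflector; return how many hits the target receives.

    Every accepted pingback becomes one outbound GET to the victim, so the attacker's
    cost is one small POST per reflector while the target absorbs one fetch per reflector.
    """
    total = 0
    for dispatcher, fetched in reflectors:
        before = len(fetched)
        handle(dispatcher, body)
        total += len(fetched) - before
    return total


if __name__ == "__main__":
    body = build_pingback_request(TARGET, REFLECTOR_POST)
    print("reflector would fetch:", induced_fetch(body))

    default_site, fetched = make_reflector(pingback_enabled=True)
    print(handle(default_site, body), fetched)

    hardened_site, fetched = make_reflector(pingback_enabled=False)
    print(handle(hardened_site, body), fetched)

    print("hits on target from 1000 unpatched sites:",
          simulate_flood([make_reflector(True) for _ in range(1000)], body))
```

Real WordPress only issues the verification fetch after confirming that targetURI resolves to a local post that still accepts pings, which is why the per-post setting mentioned above matters; the stand-in skips that check to keep the example short, and stands in for a single site rather than the thousands an attacker would drive in parallel.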
You can also add further protection to your site with security plugins such as iThemes Security or Wordfence, which provide protection against common attacks and malware deployment and let you monitor attack attempts against your site.
The final piece of advice is to ensure that your WordPress software is fully up to date with the latest version, including your themes, plugins and any other software associated with your site. Regularly check WordPress.org for updates and bulletins on how to protect against the latest threats. In addition, speak to your hosting provider and ensure that they too are giving your site an appropriate level of security, with suitable hardware and software protection.
Links and references: