Our website got hacked!

CYBERS 22.02.2021

“We got hacked” is a sentence that a cyber security provider should never have to say if it wants to stay in business… but here is our story! There is no need to panic: it was our WordPress site, hosted by a third party. Our services and customer data are safe and sound, and there was no impact on our customers or company data. As a cyber security company, we share our experience of all types of attacks with our community to help other companies avoid the same situation.

What happened?

On February 8th we noticed that something was wrong with our homepage. Anyone who tried to visit our page was redirected to different addresses chosen by the attacker. Our incident response team promptly confirmed this and got into action. The culprit was a vulnerability that hit the news on the 6th of February in one of the plugins CYBERS used, Ultimate GDPR & CCPA Compliance Toolkit for WordPress. Exploitation allowed an unauthenticated user to change the settings of the plugin and redirect traffic to an external website. It took us 35 minutes to identify the problem and return the site to normal operation.

What issues did it bring us?

First, it is still an unnecessary hassle. Investigations started together with our partners, and man-hours were spent on the post-analysis report and on notifications to CERT-EE, as regulations demand. All these activities are necessary, but my point is that it is easier to protect better and avoid the impact in the first place.

Hence this is what we learned: 
  • Our regular patching and vulnerability scanning using general tools was OK, but not enough to cover niche plugin-related vulnerabilities.
  • Monitoring of the website needed improvement.
  • Additional protection tools needed to be implemented. 
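
From the outside, the incident described above showed up as visitors being sent to a foreign host, so an external monitor can check for exactly that symptom. The following check is an added example, not CYBERS's own tooling; the function name, allowed hosts and sample responses are constructed, and because the post does not say which redirect mechanism was used, it covers HTTP, meta-refresh and simple JavaScript redirects.

```python
import re
from urllib.parse import urljoin, urlparse

# Redirect mechanisms that can be planted in page markup. Simplified patterns:
# the meta pattern expects http-equiv before content.
META_REFRESH = re.compile(
    r'<meta[^>]+http-equiv=["\']?refresh["\']?[^>]*content=["\'][^"\']*url=([^"\'>\s]+)',
    re.I)
JS_REDIRECT = re.compile(
    r'(?:window\.|document\.)?location(?:\.href)?\s*=\s*["\']([^"\']+)["\']'
    r'|location\.(?:replace|assign)\(\s*["\']([^"\']+)["\']', re.I)

def off_site_redirects(page_url, status, headers, body, allowed_hosts):
    """Return (mechanism, absolute_target) pairs that leave allowed_hosts."""
    candidates = []
    if 300 <= status < 400:
        for name, value in headers.items():
            if name.lower() == "location":
                candidates.append(("http-location", value))
    candidates += [("meta-refresh", m.group(1)) for m in META_REFRESH.finditer(body)]
    candidates += [("javascript", m.group(1) or m.group(2))
                   for m in JS_REDIRECT.finditer(body)]
    findings = []
    for mechanism, target in candidates:
        absolute = urljoin(page_url, target)  # resolves relative and //host forms
        host = (urlparse(absolute).hostname or "").lower()
        if host and host not in allowed_hosts:
            findings.append((mechanism, absolute))
    return findings

# Constructed sample responses (reserved example domains), not captured traffic.
ALLOWED = {"example.org", "www.example.org"}
SAMPLES = {
    "clean": (200, {}, '<a href="https://partner.example.com/">Partner</a>'),
    "canonical": (301, {"Location": "https://www.example.org/"}, ""),
    "header": (302, {"Location": "https://redirect.example.net/a"}, ""),
    "meta": (200, {}, '<meta http-equiv="refresh" content="0; url=//redirect.example.net/b">'),
    "script": (200, {}, '<script>window.location.href = "https://redirect.example.net/c";</script>'),
}

def check_samples():
    return {name: off_site_redirects("https://example.org/", status, headers, body, ALLOWED)
            for name, (status, headers, body) in SAMPLES.items()}

if __name__ == "__main__":
    for name, findings in check_samples().items():
        print(name, "ALERT" if findings else "ok", findings)
```

In a real monitor the status, headers and body would come from a scheduled fetch of the homepage with automatic redirect following turned off, so the first hop is inspected rather than the final page.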

Let’s not let this go to waste!

It is always better to learn from others’ mistakes. WordPress security is a topic of huge importance for every website owner. Google blacklists around 10,000+ websites every day for malware and around 50,000 for phishing every week. If you are a business owner and are worried about how well your WP homepage is protected, check out the list below. These WordPress security tips help you protect your website against hackers and malware:

  • Add Security Questions to WordPress Login Screen 
  • Add Two Factor Authentication 
  • Automatically log out Idle Users in WordPress 
  • Install a WordPress Security Plugin 
  • Change the Default “admin” username 
  • Change WordPress Database Prefix 
  • Disable Directory Indexing and Browsing 
  • Disable File Editing 
  • Disable PHP File Execution in Certain WordPress Directories 
  • Disable XML-RPC in WordPress 
  • Enable Web Application Firewall (WAF) 
  • Install a WordPress Backup Solution 
  • Limit Login Attempts 
  • Move WordPress Site to SSL/HTTPS 
  • Password Protect WordPress Admin Page 
  • Scanning WordPress for Malware and Vulnerabilities 

 

If you need help with WordPress security, do not hesitate to contact us, and let us check together the status of your business’s main gateway!
