Now on Demand Ransomware Resilience & Recovery Summit - All Sessions Available
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Website Attacks Surge: Report

Websites Hit by 63 Attacks Per Day, Says SiteLock

The number of attacks aimed at websites has increased considerably in the past months, according to a new report published on Monday by SiteLock.

Websites Hit by 63 Attacks Per Day, Says SiteLock

The number of attacks aimed at websites has increased considerably in the past months, according to a new report published on Monday by SiteLock.

SiteLock’s Website Security Insider report, which is based on the analysis of more than 6.3 million sites, shows that there were, on average, 63 attack attempts per day on websites in the second quarter of the year. In comparison, the company saw only 22 attacks per day in 2016.

According to the company, 87% of these attacks involved malicious bots, including ones operated by cybercriminals, spammers and data scrapers. As for attacks that did not involve bots, more than 57% of requests were blocked by SiteLock due to the fact that they came from countries blacklisted by its customers, and 36% were illegal resource access attempts, including command injections, directory traversals and file system access.

When it comes to content management systems (CMS), SiteLock says the risk of attacks on WordPress websites is twice as high as in the case of the “average site.” The security firm discovered that 69% of compromised WordPress websites had the latest WordPress core security patches installed, which indicates that the attack was likely carried out via a vulnerable theme or plugin.

The higher the number of plugins, the more likely it is for a WordPress website to get hacked, and researchers found that 44% of the plugins in the official WordPress repository have not been updated in more than a year. This includes over 120 plugins that have at least 50,000 active installs.

Joomla and Drupal are also at elevated risk of attacks, especially since they haven’t always offered reverse compatibility with legacy features, making their administrators less likely to install updates. In the case of Joomla, SiteLock found that 19% of the sites it observed had been using version 1.5, for which support ended in September 2012.

An analysis of the malicious code planted on compromised websites showed that 62% of threats were related to spam, while nearly a quarter were backdoors.

Advertisement. Scroll to continue reading.

Worryingly, many websites don’t have adequate protections in place and their administrators are often alerted to malicious activity by web browser warnings such as the ones displayed in Firefox via Phishing Protection and in Chrome via Safe Browsing.

“Browser warnings about compromised websites are usually driven by blacklists maintained by search engines, where search engine crawlers have recognized that malicious code is present on the website they’re attempting to index,” SiteLock explained in its report. “For many website owners this practice creates an assumption that if there are no warnings, then there isn’t an issue. Unfortunately, this incorrect assumption puts both the website and its visitors in danger. In three out of four cases, infected websites were not flagged by search engines”

SiteLock has surveyed more than 20,000 owners and over 40% of them falsely believe that their hosting provider is responsible for securing their websites.

Related: Hacked Websites on the Rise, Says Google

Related: Websites Increasingly Using Security Technologies

Related: Mozilla Launches Website Security Testing Tool

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

People on the Move

Bill Dunnion has joined telecommunications giant Mitel as Chief Information Security Officer.

MSSP Dataprise has appointed Nima Khamooshi as Vice President of Cybersecurity.

Backup and recovery firm Keepit has hired Kim Larsen as CISO.

More People On The Move

Expert Insights

Related Content

Vulnerabilities

Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.