ransomware

How Ransomware Attacks Target WordPress Sites

If you run a small business, your website probably runs on WordPress. The platform is by far the most popular Content Management System (CMS) for small to mid-sized enterprises (SMEs), and in fact among businesses in general: estimates now suggest that the platform runs fully 30% of the entire web. There are good reasons for the dominance of WordPress. It offers an easy-to-use interface, good integration with domain registrars, and allows SMEs to easily serialize their content over social media platforms.  

This ubiquity is something of a problem when it comes to security, though. WordPress is not inherently less secure than other platforms, but the sheer number of websites that use the platform makes finding security vulnerabilities in it extremely lucrative. For that reason, ransomware attacks against small business WordPress websites are alarmingly common. 

In this article, we’ll look at what ransomware attacks are, why small businesses are such a target for them, and what you can do to protect yourself.

The Basics of Ransomware Attacks

The basic way in which ransomware functions is easy enough to understand. A hacker will inject a malicious program into a victims’ systems, and this software will encrypt the data it finds there. The victim sees that their data is now unreadable, and the hacker will ask them to pay a ransom for its return. 

Beyond this basic description, the way in which ransomware operates “in the wild” can be extremely complex, as the details of a recent attack on a Saudi oil plant made clear. Even this kind of complex, state-sponsored attack, though, works in a fairly similar way to everyday ransomware exploits. 

The most important part of the ransomware attack cycle, and still the most difficult for hackers to complete, is the initial infection of a victim’s systems. The most common way of spreading malware is to use what’s called a phishing scam, where potential victims are sent a malicious email attachment which can then compromise other systems. 

Once the hacker gains access, there is little that can be done to prevent an attack, because the malware can be executed at any time. That’s why ransomware attacks are so common, so dangerous, and why they have been some of the most costly cyber attacks ever deployed. 

Why Hackers Love Small Business Websites

The other part of the equation for small business owners is that they are particularly vulnerable to all kinds of cyber attacks, including ransomware. There are a few reasons for that. The truth is that most small business owners are unaware of just how insecure their website is because they do not have the resources to employ security consultants to lock them down. 

Even among small business owners who are aware of the importance of good web security, the demands of the business environment can create problems. Many businesses seek to optimize performance at the server level, using web hosting services built specifically for WordPress. Unfortunately, this means that security takes a back seat to speed. Similarly, many small businesses make extensive use of WordPress plugins to achieve short-term business goals. There is nothing wrong with this in principle, but there are significant dangers associated with running unused plugins and themes.

Finally, many small business owners do not stop to think about how valuable the data they hold actually is. Even a list of customer names and email addresses can be sold for a significant sum on the Dark Web, because hackers can use this information to make further attacks against your customers.

Thankfully, however, there are a few key ways in which small businesses can reduce the risk of ransomware affecting their WordPress website.

Protect Yourself

When it comes to making sure you don’t fall victim to ransomware attacks, there are a few key principles to keep in mind. 

Some of these are technical in nature. You should ensure that you are using the best malware scanner you can afford because software like this will alert you at the earliest sign of an attack. In addition, you should use a Virtual Private Network (VPN) whenever you edit your website, to prevent data being intercepted and stolen when you share it across the web.

Secondly, you should ensure that your website is as secure as possible. You can do many things to extend the base level of security that WordPress gives you, such as installing SSL encryption on your site and making use of WHOIS privacy to take control of the data you are sharing.

You should also ensure that you are following the best WordPress security practices. When it comes to security, you can’t rely on technical means alone – the way in which you use your website is equally as important. Getting into good habits means that you should always use a strong, unique password for your WordPress site. You should also lock down access to your site to only those staff who actually need it in order to do their job, to prevent them from accidentally introducing security holes.

Finally, if you do become the victim of an attack, experts advise that you should not pay the ransom. That’s because in many cases, a hacker will not give your files back anyway, but will instead sell them on (if they haven’t already done that). Paying the attacker will just result in losing your money with no remedy for the attack. As a result, the first remedy is to report the attack to the relevant authorities and seek help in dealing with it. This may sound like a no-win solution, but recent data shows that businesses who take a hard line with hackers are able to protect their reputation in spite of being hacked.

Knowledge Is Power

Unfortunately, ransomware attacks are not going away anytime soon, and small businesses will remain at risk. That means that the only sensible approach to take is to recognize this risk and take reasonable precautions to limit it.

Doing that involves research. Ultimately, the best defence you can have against ransomware – or, in fact, any other kind of cyberattack – is to know how your website works, and the risks it faces. And now you’ve read this article, you’ve taken the first step in that process. 

About the author:

Sam Bocetta

Sam Bocetta is a freelance journalist specializing in U.S. diplomacy and national security, with emphases on technology trends in cyberwarfare, cyberdefense, and cryptography.

More articles like this