Image

Websites increasingly vulnerable to cyber attacks
With company websites playing a critical role in business communications, the consequences of inadequate security practices can be devastating. This was tragically exemplified with the Panama Papers leak, calling for webmasters to rethink their cyber security practices. With WordPress’ well-known history of breaches and an overall instability of outsourced CMS platforms, website owners stand on a shaky ground if they don’t employ strong security. In fact, only a week prior to the Panama Papers leak, Avast warned website owners against a new threat for Joomla and WordPress sites. Using a popular name of jQuery library to inject a piece of code through malware, hackers have managed to infect 4.5 million users within a single day. “The number of hacked domains is abnormally high, which is why this kind of attack was and still is very popular on a daily basis. From November 2015 we registered over 4.5 million users who encountered this infection. Malicious code was found in almost 70 million unique files on hacked websites,” reports Alexej Savcin in an associated announcement. This is one of the most sophisticated WordPress attacks we have seen thus far, but is far from being the only one of this scale. In addition to this, the attack demonstrates the extent to which the strength of attacks targeting WordPress grew over the last couple of years. It thus become yet another wake-up call for the web community that still does quite poorly in terms of adopting cybersecurity standards.Webmasters still fail to implement security best practices
One of the most important steps to raise awareness of these issues among webmasters was taken by Google two years ago when the company announced that the use of SSL certificates will start making a difference in ranking positions. The idea behind the step was to encourage more website owners to implement secure protocols on their websites and start creating a safer web from there. In the meantime, Google made SSL even more important for SEO earlier in 2015, but this doesn’t seem to have had the desired effect. Namely, Google’s recent transparency report shows that there is still a large number of non-Google sites that do not use encryption whatsoever. The company reports that the volumes of encrypted traffic vary by country, with the variations resulting from a number of factors, such as the availability of software that can support modern TLS and types of devices most commonly used in that country.Image

Image
