There was a recent report (The Hacked Website Trend report) produced by GoDaddy Security / Sucuri. It basically identifies the latest tactics, techniques, and procedures (TTPs) seen by the Remediation Group (RG). The purpose of the report is to provide users with an idea of things to look out for (especially those who are building websites), and trends that are being used by the hacker communities. This report builds on the data from the previous year and includes updated data from January to December 2018.
As seen in previous reports, it concentrates on Content Management Systems (CMS) applications most affected by website compromises via our customers, the type of malware families being employed, and updates on the state of website blacklisting. It doesn't go into depth with third party CMS plugin or theme configurations, but the data is a representative sample of the total number of websites the team performed services for in 2018. A total of 18,302 infected websites and a total 4,426,795 cleaned files are analyzed in this report.
What are the takeaways?
As we all know, WordPress is the dominant force when it comes to volume in the CMS world. This makes it a no-brainer that it would be the most hacked CMS on the planet. What many people do not realize is the fact that many hacking instances could have been prevented with care and maintenance on your website. One of the biggest reasons for a site getting hacked was because is was using an insecure version. Basically what that means is your site is outdated. In the space we live in, technology changes so rapidly that you have to be ready. CMS companies update their software very regularly, and are always applying hotfixes to address bad code. if you don't keep updated it could lead to things like a SQL injection (for instance).
The other thing that I noticed from the report, is the level of sophistication being used to hack websites is increasing. What that means to me is you need to be fully aware of the vendors you use, not just the CMS platform but also the modules and theme developers. If the software you are using does not provide support or gets regular updates it may not be the right solution.
What do I do now?
If you are an owner, have your developer or agency who's in charge of your website check to make sure everything is updated. One thing that can not be overlooked if you are working with an agency is having a maintenance agreement in place so that you do not have to worry. Having regular check-ins on the health and well being is a must these days. If you are a developer, read through the report. It contains very specific information about how hackers are working and at the very least you will have the knowledge in your back pocket of what to look for in the event.