Inside the Briefcase

Women in Tech Boston

Women in Tech Boston

Hear from an industry analyst and a Fortinet customer...

IT Briefcase Interview: Simplicity, Security, and Scale – The Future for MSPs

IT Briefcase Interview: Simplicity, Security, and Scale – The Future for MSPs

In this interview, JumpCloud’s Antoine Jebara, co-founder and GM...

Tips And Tricks On Getting The Most Out of VPN Services

Tips And Tricks On Getting The Most Out of VPN Services

In the wake of restrictions in access to certain...

<strong>6 Tips For Training Your Employees About Cybersecurity</strong>

6 Tips For Training Your Employees About Cybersecurity

This discussion will focus on establishing an all-encompassing information...

How Square Improves Shareholder Engagement and Enhances Overall IR Efforts with Actionable Insights 

How Square Improves Shareholder Engagement and Enhances Overall IR Efforts with Actionable Insights 

The healthcare industry is in no way exempt from...

How to Secure Your WordPress Blog Site from Hackers

May 16, 2013 No Comments

Featured Article By Blake Pappas

Experts reveal that over 64 million blogs incorporate WordPress software.  Therefore, when the announcement was made recently that WordPress had been successfully hacked, the world paid attention. The compromised blogs discovered so far have the weak default security passwords of “admin”, “administrator”, “test” or “root”.  If you have a blog utilizing one of those passwords, obviously you should change, delete and replace it immediately.  In order to affect the foregoing password changes, it will be necessary first to change your administrator, since WordPress refuses to allow password changes unless under a new administrator.

This newest incident of successful hacking is vital and could be disastrous to anyone using medical, accounting, legal or human resources coding programs. This alarm extends to the students of those careers as well.  The hacking procedure installs a back door to your system. By use of this back door the access to and subsequent acquisition of all of your system’s coding program is now in the hacker’s program. The worse application is that once the backdoor is installed in your program, changing your discovered password will not help.  The purposeful infiltration of your system is ongoing.  The compromised sites are then examined for other WordPress sites and the infiltration spreads.  It is estimated that more than 100,000 brute force attempts per day are made against the WordPress system programs.  Efforts are undertaken professionally to thwart these harmful invasion disasters, but it requires vigilance by the programming code administrators using WordPress as well.

The “endpoint” for any hacking or other malware is always with your employees themselves.  Educating and conditioning each employee to be dedicated against the entry of any infiltrating hacker will prove to be invaluable.

The anticipated purpose of the forceful attack on WordPress program coding is to generate a botnet that would encompass the overall system.  With that, the hacking operation could send out universal commands to stop service for national banking institutions, all coded program government organizations, and international interests could be compromised with that one hacking operation. Administrators working with coding programs in the private sector such as nursing, other medical, accounting, legal fields, criminal justice and a vast number of related coded programs can readily see their vulnerability also.

One known terrorist organization is known to be active in such botnet and hacking operations and is currently under constant investigation.  However, that one terrorist cell is not considered solely responsible for all hacking successes so prevalent today. Eliminating account names and passwords is still considered the fastest way to stop infiltration of your coded programs, because an IP limiting software or a plug in that throttles logging in is not nearly effective nor fast enough. This alarming advisory emphasizes again the need to educate and dedicate your code program personnel as perfecting your security’s biggest protection.

Hacking and even the lowly phishing are not what they used to be.   Today an employee can be reeled in by emails that seem to be from a real person they met, with reference points of places and topics.  In short order they are communicating socially as affable friends, while one picks the email brains of the other or sends an email link trap for the misguided employee to open.  Sometimes phony delivery men enter offices to detect and confiscate coded information or material.  A USB device can be “lost” on your company parking lot. In reality, the devious owner is counting on your curiosity to insert it into your system for a look-see.

Employees working with coded programs cannot rely on the diligence of IT investigators to get the work done and protect us all.  We all have to do our own due diligence, take the appropriate steps of caution and security, and be our own watch dogs.  The biggest threat to your company’s coded program is not from a satellite nosing about overhead, it could be from the technical desk three cubicles over.

Securing your WordPress blog site from hackers is not impossible, however. There are numerous industry security magazines containing valuable newsletters, events, articles and white papers for those working with coded programs or other sensitive careers. Some are even free and digital. Stay educated of the news from within your sector and be aware of what is happening outside it as well. Applicable information can also be found in a management information systems degree program.

Your battle with hackers trying to corrupt your sensitive programs is ongoing. Use these tips to protect your WordPress application.

Blake completed his undergraduate degree in Justice Studies from Arizona State University.  Blake has also recently worked in higher education and is currently pursuing a Master’s degree in Business.


Leave a Reply