A report has been released by the Sucuri Remediation Group, which analyses over 34,000 hacked and infected websites in 2017, and the results are both interesting and scary.
Of the 34,371 infected websites taken into account, 83% were WordPress with the next closest platform being Joomla at 13.1%.
That is a huge percentage of websites already attacked and that is not counting other websites that were not taken into account by the study.
Another big eCommerce platform, Magento, accounted for 6.5% of the sites on the list. Magento is usually used for enterprise level online stores so there could well be some big names in that list.
Image Source - sucuri.net
The report also covers the number of websites that were not kept up to date once they had been built. Security patches and software updates are vital if using platforms such as WordPress as new vulnerabilities on its open sourced platform are found and fixed all the time.
In Q3 of 2016, 61% of hacked WordPress sites were not on the latest version of the software, however, in 2017 this dropped to just 39.3% which is a definite improvement. Out of date Magento sites accounted for 80.3% of affected sites, but the worst offenders were OpenCart with 92.1% and osCommerce with a massive 96.4%!
Image Source - sucuri.net
These figures alone show the importance of installing updates on your website as and when they are released.
Other areas highlighted in the report are blacklist analysis, the types of malware found on websites and common files infected by the malware.
Website blacklists are devastating for SEO and can affect other forms of marketing such as email campaigns. 17% of infected websites were put on blacklists by authorities like Google and Bing.
This highlights the importance of blacklist monitoring as part of ongoing website maintenance. Catching it early can highlight issues with websites and prevent a large scale drop in results. It does also mean that blacklist monitoring alone is not enough to detect if a site has been compromised, continual monitoring and maintenance is needed.
The report conclusion is simple. “Vulnerable software continues to be a problem and is one of the primary causes of today’s websites hacks.”
To prevent your site getting infected keep the software used up to date. If you are unsure on how to do this then get in touch with your web developer, or Digital Nachos, and get it sorted.
To the full report can be found here https://sucuri.net/reports/Sucuri-Hacked-Report-2017.pdf
Published: 28th Jun 2018