Could ISIS deface your WordPress website?

ByCraig Haley

Run a WordPress website or know somebody who does?

Then the FBI has sent you a stark warning. Make sure that your WordPress installation and ALL installed plugins are updated, or people apparently working on behalf of ISIS (or ISIL) could very well be defacing your website some time soon.

WordPress is the content management system behind roughly 20% of websites on the Internet. Even the blog section here at ThatsNonsense.com uses WordPress behind the scenes in order to to function.

Because it is so popular, vulnerabilities are often discovered. And whilst WordPress themselves are good at releasing timely security patches for discovered exploits, there is one inherent drawback – WordPress is open source.

This means that other third party developers can create their own software that can be “plugged in” to a WordPress installation to offer various functionalities not offered by WordPress itself. These are called plugins, and they too present security risks. A vulnerability in a plugin could potentially give hackers access to your WordPress website.

This is why it is generally recommended to only use reputable WordPress plugin developers and of course, keep those plugins updated regularly.

The FBI warning follows a spate of defacement attacks on behalf of ISIS on WordPress websites. It appears these WordPress websites were not up-to-date. However the FBI appear to remain sceptical as to whether the attacks are actually being carried out by ISIS, or if the ISIS name is being used to give the attacks extra notoriety…

“These individuals are hackers using relatively unsophisticated methods to exploit technical vulnerabilities and are utilizing the ISIL name to gain more notoriety than the underlying attack would have otherwise garnered,” the FBI said in its public service notice.

Either way, these are not people you want attacking your website. Such attacks can cost money, reputations and lots of time.

Updating WordPress and plugins takes seconds, so if you own a WordPress installation, then get on it!

We have!

Keep up-to-date with all the latest cybersecurity threats and our tips to stay safe online. Follow us on Facebook, Instagram and Twitter.

Continued below...


Thanks for reading! But before you go… as part of our latest series of articles on how to earn a little extra cash using the Internet (without getting scammed) we have been looking into how you can earn gift vouchers (like Amazon vouchers) using reward-per-action websites such as SwagBucks. If you are interested we even have our own sign-up code to get you started. Want to learn more? We discuss it here. (Or you can just sign-up here and use code Nonsense70SB when registering.)

Become a Facebook Supporter. For 0.99p (~$1.30) a month you can become a Facebook fan, meaning you get an optional Supporter Badge when you comment on our Facebook posts, as well as discounts on our merchandise. You can subscribe here (cancel anytime.)