WordPress security company Wordfence issued an advisory that recommended being vigilant for an increase in hacking activity after Russian attack on Ukraine and offered tips to help prevent becoming a victim to state sponsored cyber attacks.
Additionally the United States Government Cybersecurity & Infrastructure Security Agency (CISA) just updated their Shield’s Up web page adding more information about possible cyber attacks originating from Russia.
Website Security Protects Search Visibility
Many in the SEO community don’t consider website security as an SEO issue. Cyber attacks however can have a devastating effect on search visibility and the ability to show web pages to site visitors.
Website security should ideally be an important part of SEO because search visibility can be harmed by hacking and other security events.
Wordfence Advises Higher Vigilance
State sponsored cyber attacks are common, especially toward government and infrastructure related websites.
But at this particular time the threat could expand to commercial websites. Wordfence advised all site publishers to be more vigilant.
While Wordfence acknowledged that at this early stage it has not yet seen an increase in state sponsored hacking events, it nevertheless advises publishers to be more alert during the next hours and days.
The founder of Wordfence advised:
“If you run a business, I’d like to advise you to enter a higher state of vigilance.”
The Wordfence alert offered these steps to follow to help protect against cyber attacks:
- Learn about social engineering and phishing attacks.
- Enable multi-factor authentication
- WordPress plugin developers should be extra vigilant to becoming compromised and serving as a way to spread exploits to all the client sites.
- Watch your logs in order to spot suspicious activities from hackers
- Keep an eye out for new (and malicious) files appearing on your site
The United States Government CISA also issued tips and a list of resources and tools that can help prepare organizations against cyber intrusions and other attacks.
CISA offered several preventative measures to take:
Fix the known security flaws in software.
Implement multi-factor authentication (MFA)
Replace end-of-life software products that no longer receive software updates
Replace any system or products that rely on known/default/unchangeable passwords
Sign up for CISA’s Cyber Hygiene Vulnerability Scanning (firstname.lastname@example.org)
Free Cybersecurity Tools
The CISA website offered a comprehensive list of free tools that can help prevent or mitigate cyber attacks.
Among the free tools and services, here is a partial list:
- Immunet Antivirus by Cisco for Microsoft Windows
- Microsoft Defender Application Guard
- Free Cloudflare Unmetered Distributed Denial of Service Protection
- Free Cloudflare Universal Secure Socket Layer Certificate
- Quad9 for Android – Blocks malware and virus infested sites
- Quad9 – Protects computers and devices from accessing malware and virus infested sites
- Project Shield – “Project Shield is a free service that defends news, human rights, and election monitoring sites from DDoS attacks“
- Vane2 – A free WordPress security scanner
Consider Increasing Your Security
All websites are under a variety of attacks at virtually any given time of day or night.
However recent developments in the Ukraine have heightened the possibility for an increase in state sponsored hacking attempts from Russia.
Publishers on WordPress should consider using a trusted WordPress security plugin like Wordfence plus increasing security using the above mentioned tips and free tools.