WordPress was recently the target of an SEO malware injection attack that has been known to evade detection. How does a WordPress malware injection attack work and what should enterprises do to prevent it?
The word malware refers to many things beyond a Windows PC getting infected with a virus, but that is often the first thing people think of. Malware is generally malicious software that has unique characteristics and impacts Windows and Mac OSes, mobile devices, servers, IoT devices, and so on.
Some malicious software targets specific applications, like the open source word processing software WordPress. This type of attack is called SEO malware injection.
Cloud-based security company Sucuri recently blogged about two websites infected with search engine optimization (SEO) injection malware. SEO attacks occur when search engine results are manipulated by an attacker to rank the attacker's webpages higher than legitimate webpages.
Sucuri described SEO malware injection attacks as inserting spam content into WordPress pages that are then indexed by search engines. Sucuri didn't address how the attacker accessed the WordPress sites, but it could have been via a compromised account, insecure WordPress plugins or out-of-date software, to mention a few.
To handle an SEO malware injection attack, WordPress can be protected by following these steps, assuming other aspects of your enterprise security program provide defense in depth:
- keep WordPress and all of its plugins up to date, which you can accomplish by enabling auto-updates;
- use secure account management, like multifactor authentication, to protect admin accounts;
- use an encrypted connection for WordPress management;
- limit public access to the system to only trusted systems to limit the attack surface;
- back up the system securely;
- if the resources are available, use a web application firewall;
- review the WordPress security guide; and
- consider this expert advice on how to run a secure WordPress installation.
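As a detection complement to the steps above, the following added example (not from Sucuri or the original article) scans stored post HTML for links to hosts outside an allowlist, which is one way injected spam content shows up. The allowlist, the function names and the sample rows are constructed assumptions; the rows are shaped like the `ID` and `post_content` columns of the `wp_posts` table.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: hosts this site legitimately links to (hypothetical values).
ALLOWED_HOSTS = {"example.com", "wordpress.org"}


class LinkCollector(HTMLParser):
    """Collects the href of every <a> tag in the markup."""
    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        href = dict(attrs).get("href")
        if tag == "a" and href:
            self.hrefs.append(href)


def host_allowed(host, allowed=ALLOWED_HOSTS):
    """True if host is an allowed host or a subdomain of one."""
    host = host.lower().rstrip(".")
    return any(host == a or host.endswith("." + a) for a in allowed)


def unexpected_links(posts, allowed=ALLOWED_HOSTS):
    """Return {post_id: [urls]} for absolute links to hosts off the allowlist."""
    findings = {}
    for post_id, html in posts:
        parser = LinkCollector()
        parser.feed(html)
        parser.close()
        # urlsplit().hostname is None for relative links, which stay on-site.
        bad = [h for h in parser.hrefs
               if (host := urlsplit(h).hostname) and not host_allowed(host, allowed)]
        if bad:
            findings[post_id] = bad
    return findings


# Constructed sample rows, shaped like (ID, post_content) from wp_posts.
SAMPLE_POSTS = [
    (1, '<a href="https://wordpress.org/documentation/">docs</a> <a href="/about/">about</a>'),
    (2, '<p>Quarterly update.</p><a href="http://cheap-pills.invalid/buy">buy</a>'),
    (3, '<a href="https://example.com.evil.invalid/x">x</a> <a href="//blog.example.com/">blog</a>'),
]

if __name__ == "__main__":
    print(unexpected_links(SAMPLE_POSTS))
```

Post 3 shows why the host check matches on a dot boundary: a host that merely begins with an allowed name is still flagged, while a real subdomain is not.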