Organizations need to increase website security after the Russian attack, according to WordPress security company Wordfence. They have also offered a few tips on how to prevent yourself from becoming a victim of state-sponsored cyber attacks.
CISA has also updated the Shield’s Up web page with more information related to the possible cyber attacks originating from Russia
With the high risk of state-sponsored cyberattacks lurking which is a constant threat to government and infrastructure-related websites. But during such times it extends further to commercial websites. Wordfence has advised all publishers to be more vigilant.
Though we are still in the early stages of the war, there are no signs of an increase in state-sponsored hacking events. Yet it has advised publishers to be more alert during the next hours and days.
Mark Maunder – Wordfence Founder & CEO said,
We are also taking a range of internal steps to secure our company, our team, and our infrastructure. If you run a business, I’d like to advise you to enter a higher state of vigilance
Steps you should follow to help protect against cyberattacks:
- Learn about social engineering and phishing attacks.
- Enable multi-factor authentication
- WordPress plugin developers should be extra vigilant to become compromised and serve as a way to spread exploits to all the client sites.
- Watch your logs in order to spot suspicious activities from hackers
- Keep an eye out for new (and malicious) files appearing on your site
CISA has also issued some times to help prepare organizations against cyber intrusions and other attacks.
Preventative Measures Offered by CISA
- Fix the known security flaws in software.
- Implement multi-factor authentication (MFA)
- Replace end-of-life software products that no longer receive software updates
- Replace any system or products that rely on known/default/unchangeable passwords
- Sign up for CISA’s Cyber Hygiene Vulnerability Scanning (firstname.lastname@example.org)
Free Cybersecurity Tools offered by CISA
- Immunet Antivirus by Cisco for Microsoft Windows
- Microsoft Defender Application Guard
- Free Cloudflare Unmetered Distributed Denial of Service Protection
- Free Cloudflare Universal Secure Socket Layer Certificate
- Quad9 for Android – Blocks malware and virus-infested sites
- Quad9 – Protects computers and devices from accessing malware and virus-infested sites
- Project Shield – “Project Shield is a free service that defends news, human rights, and election monitoring sites from DDoS attacks“
- Vane2 – A free WordPress security scanner