Did you know that many WordPress websites are visited 3000x a day by bots? Where do these bots come from? And what is their purpose?
The guys at WordFence (source in English) see millions of attacks on websites come by, that’s because their security plug-in collects those from thousands of websites to keep the Firewall and protection of WordPress websites optimal.
This month they shared the top 5 countries where the most attacks on WordPress have come from in the past month.
- United States
These are currently not the standard countries where most cyber attacks used to come from, which was often China or Russia.
What does this say about the countries themselves? Not necessarily that more cyber criminals live here.
The number of cyber-attacks from a particular country depends on several factors
- Availability of servers.
Attacks are done via servers, where the most powerful servers are located more can be achieved
- The IP statuses of a country
Good status is more reach
More time and need for new (unfortunately illegal) income
- The state of security
A leak in certain software can provide access to many criminals
- And sometimes a political situation
Like a country where there is war, that is not only fought with weapons these days
What is THE PURPOSE of cyber-attacks?
Currently, WordFence reports that:
the (hackers, criminals) of the top five countries are all trying to access websites
Once you have access to the websites, a criminal can:
- Share information with the world
- Steal information
- Make money from advertising, spam & black hat SEO
- Make money selling access data
- Make money using complex scamming methods based on the stolen information
Then, of course, the question: do cybercriminals just manage to not only attack a website but actually gain access to it?
Yes, there is always a percentage of the millions of websites that have a leak at the time an attack is made.
The attacks go on day-and-night, 24/7.
The moment your website contains a leak, a specific payload (script/set of code) will be unleashed on your website that will allow a cybercriminal to access your website.
For that reason, to the incessant flow of attacks it is necessary to use and otherwise install a good security plugin in your WordPress website.
This can be the free security plugin from WordFence, or the paid premium version offered by WordFence.
You can also use iThemes, which has a security plugin specifically for WordPress. Also a free version and a paid pro/premium version.
Want to make sure your website is up-to-date? Secure? Then let us secure your WordPress website. We have packages for small WordPress websites, WooCommerce webshops and for large WordPress websites!