WordPress most targeted CMS by hackers?

Waterfall Security: Trust issues with your firewalls? Eliminating vulnerabilities that accompany firewalls is a click away.

Imperva released the results of its Web Application Attack Report (WAAR), the result of analysis of a subset of 99 applications protected by Imperva’s WAF over a period of nine months, from August 1, 2013 to April 30, 2014.

There’s been an increase of 10% in SQL Injection (SQLi) attacks, as well as an increase of 24% in Remote File Inclusion (RFI) attacks. In addition, attacks have gotten dramatically longer in length; 44% longer than they were in the period covered in the fourth annual WAAR.

Other key findings include:

  • 48.1% of all attack campaigns targeted retail applications, with financial institutions next in line at 10%.
  • Websites running WordPress were attacked 24.1% more than websites running on all other content management systems (CMS) combined, and WordPress suffers 60% more Cross Site Scripting (XSS) incidents than all other CMS-running websites combined.
  • PHP applications suffer three times as many XSS attacks as .NET applications.
  • Websites that have log-in functionality, and hence contain consumer specific information, suffer 59% of all attacks, and 63% of all SQL Injection attacks.

“After years of analyzing attack data and origins, one of the things we propose in this year’s report is that attackers from other countries are using U.S. hosts to attack because they are geographically closer to targets. As a result, the U.S. generates the majority of the web application attack traffic worldwide,” said Amichai Shulman, CTO at Imperva.

“Looking at other sources of attacks, we were also interested to find that infrastructure-as-a-service (IaaS) providers are on the rise as attacker infrastructure. For example, 20% of all known vulnerability exploitation attempts have originated from Amazon Web Services. They aren’t alone; with this phenomenon on the rise, other IaaS providers have to worry about their servers being compromised. Attackers don’t discriminate when it comes to where a datacenter lives,” Shulman added.

Note: The report states that these stats about WordPress are based on a small number of installations, so take them with a grain of salt.