Ransomware – A New Threat to WordPress sitesDecember 4th, 2017
Wordfence recently posted an article on their site about a significant new threat to WordPress sites … ransomware.
While WordPress and CMS’s in general continue to pose a significant risk for hacking, ransomware until now has been confined to Windows operating systems on PCs. According to Wordfence, they recently identified attempts to upload ransomware to WordPress sites that “provides an attacker with the ability to encrypt a WordPress website’s files and then extort money from the site owner.”
WordPress is already the most vulnerable platform for hacking (See Securi’s Hacked Website Report – 2016/Q3), adding the risk of ransomware into the equation is another compelling reason for businesses and organizations to carefully evaluate the options, costs, benefits, and risks for deploying their websites on a CMS.
Risingline develops WordPress sites, but increasingly our recommendation to clients is to go with a professionally managed website (in which all management is done professionally off-server) rather than CMS’s; especially for their core public website pages. Professionally managed websites eliminate the vast majority of hacking (and now ransomware) risks that are inherent to CMS’s as well as providing other advantages such as quality control for SEO, accessibility, and style consistency. For more detail please see our 2017 Web Development Trends and Best Practices Report.
In many cases, we’ve found a professionally managed website is not only much safer, faster and compliant but can have a lower total cost of ownership.