Imperva WAAR Report 2015: WordPress attacks highest of all CMS’s

Security attacks on websites and blogs are higher than ever before. According to Imperva’s new Web Application Attacks Report, Content Management Systems (CMS’s) were attacked three times more often than other Web applications. The data security firm confirmed that WordPress has unfortunately been the victim 3.5 times more often than the others.

It comes as no surprise that WordPress is the most attacked CMS. Not only is it the most popular service, but new data from W3Techs, which measures both usage and market share, reported last week that WordPress accounts for a quarter of the web. They said, “WordPress is used by 58.7% of all the websites whose content management system we know. This is 25.0% of all websites.”

As 2015 draws to a close, WordPress has taken a real beating this year with an increase in brute-force attacks. Hackers and malware are doing a lot of damage by taking advantage of vulnerabilities caused by weaknesses in the 30,000+ plugins on WordPress.

Imperva’s report said, “CMS frameworks are mostly open source, with communities of developers continuously generating sequences of plugins and add-ons, without concerted focus towards security. This developer model constantly increases the vulnerabilities in CMS applications, especially for WordPress which is also PHP based.”

Non-CMS applications were less susceptible to remote command execution (RCE) attacks than CMS’s, according to the report’s findings. Furthermore, the report found that WordPress is five times likelier than other CMS’s to be hit by remote file inclusion (RFI) attacks.

Some of the trends discovered in Imperva’s annual report continued from last year’s report, such as increased SQL Injection (SQLi) and Cross-Site Scripting (XSS) attacks and more attacks on WordPress. A newcomer this year is the mega trend of Shellshock Remote Code Execution (RCE) attacks, which scan web applications on an equal basis.

The report said, “We conclude that the increasing availability of web attack tools and services—with computational power becoming less expensive and ubiquitous—are driving the new wave of volumetric malicious attacks. The evolution of attacks against web applications has continued with increased sophistication, magnitude, and velocity. However, there is hope thanks to the growing effectiveness of reputation-based detection mechanisms, and their ability to identify attacks by tracking previously identified malicious activity to its origins.”