Website hacking attempts on rise in lockdown period. Stay home and stay protected

Website hacking attempts on rise in lockdown period. Stay home and stay protected 

Dear abcaus users,

Website hacking attempts on rise in lockdown period

Stay home and stay protected but Covid-19 is not the only thing you should be worried about.

Amidst the lockdown, many of you will be working from home and so do the hackers. As per leading wordpress security service provider, over last 30 days, hacking attempts worldwide touched a new height of 251 million attempts on May 12th, 2020 from 191 million on May 11^th, 2020.

You will be perhaps surprised to note that India tops the list of countries by number of attacks.

The above said attacks statistics were related to the attacks to gain access to the website that are hosted on wordpress. Today, most of the websites that need a Content Management System (CMS) uses WordPress.

According to my Firewall summary, majority of the attacks recorded on abcaus.in were “brute force” attempts.

A brute force attack is an attempt to crack a password or username using a trial and error approach and hoping, eventually, to guess the password/ username correctly. Though old, it is still popular with hackers. Even automated tools are also available to help with brute-force attacks.

Depending on the length and complexity of the password, cracking it can take few seconds to many years. Some hackers even target the same systems every day for months and sometimes even years.  

It is advisable that a user should choose 10-character passwords that include symbols or numerals. Such password would create 171.3 quintillion permutations/combinations. Using a processor that tries 10.3 billion hashes per second, cracking such password would take approximately 526 years.

Users should choose complex passphrases rather than single words. It’s important to avoid the most common passwords and to change them frequently. Users may also use password generation tools for creating complex passwords.

I would strongly recommend installing Wordfence Security Plugin for wordpress. It blocks an IP based on the user defined number of attacks

Stay home, stay protected.

– CA Ashutosh Lohani

• Revenue should not take the benefit of the mistake committed by the assessee
• Under NI Act if cheque signed by drawer is given to payee ’reverse onus clause’ u/s 139 attracted
• High Court grants bail to Income Tax Officer accused of demanding bribe of Rs. 25000/-
• ICAI bans Twelve Chartered Accountants being guilty of professional misconduct
• Cash deposit in demonetisation held exempt assessee being resident of Arunachal Pradesh