Website hacking attempts on rise in lockdown period. Stay home and stay protected
Dear abcaus users,
Website hacking attempts on rise in lockdown period
Stay home and stay protected but Covid-19 is not the only thing you should be worried about.
Amidst the lockdown, many of you will be working from home and so do the hackers. As per leading wordpress security service provider, over last 30 days, hacking attempts worldwide touched a new height of 251 million attempts on May 12th, 2020 from 191 million on May 11th, 2020.
You will be perhaps surprised to note that India tops the list of countries by number of attacks.
The above said attacks statistics were related to the attacks to gain access to the website that are hosted on wordpress. Today, most of the websites that need a Content Management System (CMS) uses WordPress.
According to my Firewall summary, majority of the attacks recorded on abcaus.in were “brute force” attempts.
A brute force attack is an attempt to crack a password or username using a trial and error approach and hoping, eventually, to guess the password/ username correctly. Though old, it is still popular with hackers. Even automated tools are also available to help with brute-force attacks.
Depending on the length and complexity of the password, cracking it can take few seconds to many years. Some hackers even target the same systems every day for months and sometimes even years.
It is advisable that a user should choose 10-character passwords that include symbols or numerals. Such password would create 171.3 quintillion permutations/combinations. Using a processor that tries 10.3 billion hashes per second, cracking such password would take approximately 526 years.
Users should choose complex passphrases rather than single words. It’s important to avoid the most common passwords and to change them frequently. Users may also use password generation tools for creating complex passwords.
I would strongly recommend installing Wordfence Security Plugin for wordpress. It blocks an IP based on the user defined number of attacks
Stay home, stay protected.
– CA Ashutosh Lohani
- Roll out of ‘AIS for Taxpayer’ Mobile App by Income Tax Department
- Addition sustained for claiming accumulated depreciation in Profit and Loss Account
- GSTN Advisory on HSN Code Reporting in e-Invoice on IRPs Portal
- ICAI Guidance Note on Audit of Banks, 2023 Edition
- GSTN Advisory for taxpayer to register as “One Person Company” in GST Portal