Website hacking attempts on rise in lockdown period. Stay home and stay protected

Website hacking attempts on rise in lockdown period. Stay home and stay protected 

Dear abcaus users,

Website hacking attempts on rise in lockdown period

Stay home and stay protected but Covid-19 is not the only thing you should be worried about.

Amidst the lockdown, many of you will be working from home and so do the hackers. As per leading wordpress security service provider, over last 30 days, hacking attempts worldwide touched a new height of 251 million attempts on May 12th, 2020 from 191 million on May 11^th, 2020.

You will be perhaps surprised to note that India tops the list of countries by number of attacks.

The above said attacks statistics were related to the attacks to gain access to the website that are hosted on wordpress. Today, most of the websites that need a Content Management System (CMS) uses WordPress.

According to my Firewall summary, majority of the attacks recorded on abcaus.in were “brute force” attempts.

A brute force attack is an attempt to crack a password or username using a trial and error approach and hoping, eventually, to guess the password/ username correctly. Though old, it is still popular with hackers. Even automated tools are also available to help with brute-force attacks.

Depending on the length and complexity of the password, cracking it can take few seconds to many years. Some hackers even target the same systems every day for months and sometimes even years.  

It is advisable that a user should choose 10-character passwords that include symbols or numerals. Such password would create 171.3 quintillion permutations/combinations. Using a processor that tries 10.3 billion hashes per second, cracking such password would take approximately 526 years.

Users should choose complex passphrases rather than single words. It’s important to avoid the most common passwords and to change them frequently. Users may also use password generation tools for creating complex passwords.

I would strongly recommend installing Wordfence Security Plugin for wordpress. It blocks an IP based on the user defined number of attacks

Stay home, stay protected.

– CA Ashutosh Lohani

• In absence of mala fide intention bank should not be treated as assessee in default
• Whether bank account was fraudulently open in the name of assessee is question of fact
• SBI Concurrent Auditor Empanelment of Chartered Accountant Firms 2024-25. Last date 18.05.2024
• Change in the constitution of Appellate Authority for CAs CSs and Cost Accountants
• Trade Tax refund withheld beyond stipulated period & adjusted from demand unjustified – SC