ISIS Security Risks: Foreign Extremists are Hacking Domestic Websites
Shockingly, the one and only United States FBI has issued a warning to website owners against potential online attacks from supporters of the well-known group ISIS. Many Americans have seen the extremist group in the media, but until now, most domestic Americans have felt that the extremist group couldn’t harm them because they are on the opposite side of the planet. However, their actions are being felt around the globe. It seems that sympathizers of the organization have WordPress sites in their crosshairs and have been exploiting code vulnerabilities for their own purposes. In fact, the attacks have become so concerning that the FBI has issued a public service announcement.
Who is Being Targeted?
To date, there is no clear understanding of why certain websites have been attacked. It seems that they may be exploiting anything they can get their hands on. The affected targets have been a smattering of diverse types of websites such as domestic US websites, foreign websites, and governmental websites (both domestic and foreign) from different levels of the governmental hierarchy as well as religious websites. No clear pattern or motive has been determined, but what is clear is that ISIS is wreaking havoc on unprotected sites that contain exploitable code vulnerabilities.
To be frank, these attackers are not using highly advanced and sophisticated means to exploit websites. However, having said that, they are still undeniably wreaking havoc on unsuspecting websites and businesses. Though many Americans have felt the bite of the ISIS supporters’ exploitation, other countries have also experienced damages as a result of the online attacks. For example, at least 600 various businesses in Russia have also been taken advantage of.
Affected WordPress Module
The vulnerability that is being exploited is contained in the WP Super Cache plugin. The whole goal of this plugin is to create static HTML pages for dynamically generated PHP scripts. The plugin will decrease the time it takes to process PHP code through a method called caching, thus decreasing consumed server resources and increasing page load times.
The fatal flaw in the code deals with cross site scripting (XSS) that allows attackers to escalate their privileges and take control of a site. All versions of WP Super Cache previous to version 1.4.4 are vulnerable. If you don't keep your plugins up to date, this can be devastating. Unfortunately, this is a very popular plugin and it has been downloaded and installed over 1 million times.
Explanation of the Attack
An attacker can exploit this vulnerability by using a custom created query to inject scripts into the plugin’s list of cached files. However, for the attack to be successful, an administrator would need to manually open the injected script.
If an attacker successfully exploits your website, the injected scripts could add user accounts, give the attacker administrator rights to your site, or open other security holes.
Not only are ISIS sympathizers exploiting WordPress sites, but they have even gone so far as to create fake copies of governmental websites by mimicking their appearance (essentially using phishing techniques). Unsuspecting users believe that they are sending their information to the American government, when in fact, they are sending their personal data to ISIS sympathizers. Furthermore, the sympathizers are profiting off of their attack by charging a service fee on completion of their online forms. In the blink of an eye, ISIS supporters can steal your information, take your money, and even commandeer your WordPress website.
What is at Risk?
On the surface, you might be thinking that the only real risk is that these extremists will destroy your website and cause it to crash. Au contraire. After an attacker has escalated their privileges and has access to your entire website, they can then steal sensitive customer information, billing information, and additional usernames and passwords. Sure, you might be able to recover by building a new site from scratch, taking your domain offline, or finding a new domain, but your customers and audience will lose a lot of faith and ultimately distrust you. After all, who wants to do business on a website that was pirated by affiliates of an extremist group? In the long term, even if you can recapture your website, your business and reputation will become crippled.
The Good News
If I’ve said it once, I’ve said it a thousand times. You absolutely need to stay on top of updating your WordPress website with the latest patches! Fortunately, a new update has been released that solves the vulnerability concerns so ISIS sympathizers cannot attack your website. If you don’t know how update your plugins personally, we can do it for you. The ISIS exploits are only one instance of hundreds (if not thousands) of vulnerabilities that have surfaced regarding website plugins across many different platforms. It doesn’t matter what platform you use. Code is written by humans who are inherently flawed.
Even the best coders in the world can inadvertently leave gaping holes in their software’s security.