{"id":2422,"date":"2015-04-06T15:12:11","date_gmt":"2015-04-06T21:12:11","guid":{"rendered":"http:\/\/www.whitefirdesign.com\/blog\/?p=2422"},"modified":"2015-04-06T15:12:11","modified_gmt":"2015-04-06T21:12:11","slug":"most-website-hackers-are-not-sophisticated","status":"publish","type":"post","link":"https:\/\/www.whitefirdesign.com\/blog\/2015\/04\/06\/most-website-hackers-are-not-sophisticated\/","title":{"rendered":"Most Website Hackers Are Not Sophisticated"},"content":{"rendered":"<p>One thing that we see fairly frequently with Internet security companies is that they try to sell their largely unneeded, and usually largely ineffective, security products and services by portraying websites as under constant threat from sophisticated hackers. \u00a0The reality is that while few\u00a0hackers are quite sophisticated, most hackers only have rudimentary skills and <a href=\"http:\/\/www.whitefirdesign.com\/resources\/secure-your-website-from-hackers.html\">basic security measures will prevent your website from being hacked<\/a>. As an example of what you are dealing with in most cases let&#8217;s take a look at someone&#8217;s claim on ZONE-H &#8211; a website for displaying defaced websites &#8211; <a href=\"http:\/\/www.zone-h.org\/mirror\/id\/23988279\">that they had hacked our website last week<\/a>. Since that page is supposed to be removed once the claimed defacement\u00a0is reviewed, here is a screenshot of it:<\/p>\n<p><a href=\"https:\/\/www.whitefirdesign.com\/blog\/wp-content\/uploads\/2015\/04\/zone-h-whitefirdesign-com-screenshot.png\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-2423\" src=\"https:\/\/www.whitefirdesign.com\/blog\/wp-content\/uploads\/2015\/04\/zone-h-whitefirdesign-com-screenshot.png\" alt=\"zone-h-whitefirdesign-com-screenshot\" width=\"901\" height=\"665\" srcset=\"https:\/\/www.whitefirdesign.com\/blog\/wp-content\/uploads\/2015\/04\/zone-h-whitefirdesign-com-screenshot.png 901w, https:\/\/www.whitefirdesign.com\/blog\/wp-content\/uploads\/2015\/04\/zone-h-whitefirdesign-com-screenshot-300x221.png 300w\" sizes=\"auto, (max-width: 709px) 85vw, (max-width: 909px) 67vw, (max-width: 1362px) 62vw, 840px\" \/><\/a><\/p>\n<p>What you can see with that is that the mirror copy of our website shown from the time of the claimed defacement doesn&#8217;t actually show that the website has been hacked. Instead it shows that if you request a page\u00a0on our website that doesn&#8217;t exist you will get a message that it doesn&#8217;t exist. Why someone would try to pass that off as defaced\/hacked website is unclear to us.<\/p>\n<p>Based on the URL of the supposed defaced page, http:\/\/www.whitefirdesign.com\/wp-admin\/admin-ajax.php?action=revslider_ajax_action&amp;client_action=get_captions_css, what they were trying to exploit was a vulnerability in a WordPress plugin that a) we don&#8217;t even\u00a0use, so there is no chance it could be exploited and b) if we did use it and had the vulnerable outdated\u00a0version installed they would have needed to try to exploit it from where WordPress is actually installed on our website, which isn&#8217;t the root directory of the website as they tried (this could be easily checked on, which again shows the lack of sophistication that usually exists).<\/p>\n","protected":false},"excerpt":{"rendered":"<p>One thing that we see fairly frequently with Internet security companies is that they try to sell their largely unneeded, and usually largely ineffective, security products and services by portraying websites as under constant threat from sophisticated hackers. \u00a0The reality is that while few\u00a0hackers are quite sophisticated, most hackers only have rudimentary skills and basic &hellip; <a href=\"https:\/\/www.whitefirdesign.com\/blog\/2015\/04\/06\/most-website-hackers-are-not-sophisticated\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;Most Website Hackers Are Not Sophisticated&#8221;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[27],"tags":[],"class_list":["post-2422","post","type-post","status-publish","format-standard","hentry","category-website-hacked"],"_links":{"self":[{"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/posts\/2422","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/comments?post=2422"}],"version-history":[{"count":7,"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/posts\/2422\/revisions"}],"predecessor-version":[{"id":2432,"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/posts\/2422\/revisions\/2432"}],"wp:attachment":[{"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/media?parent=2422"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/categories?post=2422"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.whitefirdesign.com\/blog\/wp-json\/wp\/v2\/tags?post=2422"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}