With more than 800 million websites around the world utilizing the WordPress CMS platform, it should not be surprising that WordPress is also among the most popular targets of cyber attacks that can lead to successfully hacked websites.
Cyber Attacks and Hacked Websites, What is The Difference?
It should come as no surprise that some people often confuse cyber attacks and hacked websites. However, there is actually an important distinction between the two terms. So, what is the difference?
What is a Cyber Attack?
A cyber attack is when a hacker attempts to maliciously exploit security vulnerabilities of a website in an effort to gain unauthorized access to it. The key word here is “attempts”. So, for example, when a hacker tries to repeatedly guess your WordPress admin login credentials, that would be considered a brute-force attack, wherein the hacker will attempt to guess your username and password, through repeated guesses, often facilitated by software. You can read more about how to protect your WordPress website against brute-force attacks here.
Other types of cyber attacks include SQL Injection Attack, Cross-Site Scripting (XSS), Denial-of-Service (DoS), Distributed Denial of Service (DDoS) and Session Hijacking.
What is a Hacked Website?
When a hacker’s cyber attack results in successfully gaining unauthorized access to a website, the website would then be considered to be “hacked” or compromised.
Why Do Hackers Attack Websites?
Hackers attack websites in order to obtain unauthorized admin level access to a website (database). Once a website is successfully “hacked”, the priority is typically to steal confidential information, inject malicious content and/or change some of the website’s content. All of this effort is, of course, to enable the hacker to reap financial rewards derived from their malicious activities.
What to do if your Website has been Hacked?
If you are among the those whose WordPress website was recently hacked, do not panic.
Take a deep breath, and read this article about what you can do after your website has been hacked, where our recommendations still hold true, even today. Those include:
- Contact Your Webmaster or Your Web Hosting Company if you do not have a Webmaster
- Change Your Passwords
- Remove the Malware/Infection from your Website
- Identify How Your Website Was Hacked and Fix the Vulnerabilities
How many WordPress Cyber Attacks occur each year?
When we are talking about the number of cyber “attacks” (attempts), as of 2023, it has been reported that there were up to 5 million cyber attacks against WordPress websites, per hour.
How Many WordPress Websites are Successfully Hacked Each Year?
When it comes to the number of WordPress websites that actually get hacked (compromised), estimates range anywhere from a few million to several million, each year.