There are some things that are just plain and simple. Like, if you want to live you must breathe, or if you have a website you need to be defending it. How you breathe and how you keep your website secure gets more complicated, but the simple truths remain.
At Get Found Fast, we make defending your website simple for you. We equip defense plugins on all the websites we work with to protect your site from malicious intrusions. Brute force attacks are always happening but they are on the rise. If you are worried about your website’s security, our web development team can help make sure you have a defense system in place to keep your website secure.
Wordfence, one of the defense plugins we use, just reported an increase in brute force attacks against WordPress sites.
Posted on December 18, 2017
A massive distributed brute force attack campaign targeting WordPress sites started this morning at 3am Universal Time, 7pm Pacific Time. The attack is broad in that it uses a large number of attacking IPs, and is also deep in that each IP is generating a huge number of attacks. This is the most aggressive campaign we have seen to date, peaking at over 14 million attacks per hour.
The attack campaign was so severe that we had to scale up our logging infrastructure to cope with the volume when it kicked off, which makes it clear that this is the highest volume attack that we have seen in Wordfence history, since 2012.
The campaign continues to ramp up in volume during the past hour as we publish this post. A graph of the attack volumes is shown below which shows the number of attacks per hour and the number of attacking IPs that we see each hour.
Our infrastructure automatically blacklisted the participating IPs in real-time and distributed those to our Premium customers. This all happened unattended early this morning. We continue to monitor the campaign and are analyzing its origin and who is behind it.
Read more at wordfence.com…