Islamic State sympathizers are targeting WordPress vulnerabilities according to the FBI
The FBI has warned of an ongoing cyber campaign by individuals sympathetic to the Islamic State in the Levant (ISIL), targeting a range of different websites, using known vulnerabilities in WordPress.
The bureau warned that the defacements have affected Website operations and the communication platforms of news organisations, commercial entities, religious institutions, federal/state/local governments, foreign governments, and a variety of other domestic and international Websites.
The FBI did state that the defacements demonstrate low-level hacking skills, but said that they are disruptive and often costly to repair and fix. It said the attackers are not actual members of ISIL, but are using the ISIL name to gain more notoriety than the underlying attack would have otherwise gathered.
It seems that the hackers are exploiting WordPress CMS plug-in vulnerabilities. These flaws can allow attackers to take control of an affected system, gain unauthorised access, bypass security restrictions, inject scripts, and steal cookies from computer systems or network servers.
“An attacker could install malicious software; manipulate data; or create new accounts with full user privileges for future Web site exploitation,” warned the bureau.
The FBI urged firms to apply the available software patches to plug these identified vulnerabilities. Meanwhile it seems that the ISIL defacement of WordPress websites is not the only problem at the moment.
The FBI also issued an alert for an unrelated matter, warning that criminals are hosting fraudulent government Websites in a effort to collect personal and financial information from unwitting Web users.
“Victims use a search engine to search for government services such as obtaining an Employer Identification Number (EIN) or replacement social security card,” said the FBI. “The fraudulent criminal websites are the first to appear in search results, prompting the victims to click on the fraudulent government services website.”
Earlier this year, social media accounts linked to the US military suffered a cybersecurity attack from hackers claiming to support the terrorist Islamic State militant group.
The @CENTCOM Twitter account, representing the US command that oversees operations in the Middle East, was hacked and defaced with messages praising Islamic State.
US President Barack Obama recently created a new sanctions scheme after he signed an executive order that classified malicious cyber attacks as a “national emergency”.
This means that the US Treasury now has the power to freeze assets and bar other financial transactions of entities engaged in cyber attacks. Hackers who conduct commercial espionage in cyberspace can now be listed on the official sanctions list of specially designated nationals.
Are you a security pro? Try our quiz!