According to announcements made by the FBI on Tuesday, the agency is expecting a cyber attack, particularly on WordPress sites and plugins by members of the terrorist group al-Shams and individuals sympathetic to the Islamic State of Iraq.
The agency has advised people responsible for the security of WordPress websites to keep a vigilant eye on the security to ensure they are not hacked by terrorist groups with ulterior motives.
According to the FBI’s public announcement, the hackers are expected to be mostly unskilled members of ISIS, and hence, it is most probable for them to exploit known weak points of these sites. Most of these vulnerabilities of WordPress sites and plugins have already been patched up; but for webmasters who have missed installing them are certainly at the point of the threat.
If terrorist groups are able to exploit those vulnerabilities successfully, they can gain direct access to any WordPress account by bypassing security settings altogether. They can put in viral scripts, steal cookies, manipulate data or even install malicious software that can steal data from the computers of users.
WordPress plugins and even WordPress itself have weaknesses that can be exploited easily even by amateur hackers; hence, FBI has circulated the report in order to warn WordPress webmasters about the potential security threat they might experience unless they are extremely careful.
This WordPress attack advisory from the agency is the second one.
As reported by KrebsOnSecurity, FBI has issued a separate alert for private businesses warning them that several terrorist groups might participate in an operation named “OpIsrael,” which will target Jewish and Israeli websites to coincide with the Holocaust Remembrance Day on April 15 and 16.