Over the past few weeks we have seen several NHS sites being hit by a wave of hacked posts. Some of those affected range from local Health Trusts, Public Health sites and Medical Centres including Dorset Public Health, South Tees Access and Response and Dudley and Walsall Mental Health Partnership.
The attack targets a recent post on the blog or site and changes the post title and content. Some other variations of the same attack include changing the post title to any number of these:
- HaCkEd By RxR HaCkEr
- Hacked By MuhmadEmad
- Hacked By BALA SNIPER
These are not necessarily targeted attacks on Health industry sites, but seem to be drive-by attacks on any vulnerable WordPress.
How to fix the post and secure your site
- Update to the latest version of WordPress.
- Use the Revisions feature on the post to revert the post title and content back to it’s original content.
- Consider updating your WordPress security policies and site management to update more frequently.