Content management systems (CMSs) heavily targeted over the last year

CMSs were heavily targeted over the last year: Almost 20% of all attacks targeted CMS platforms and every region included two to four CMSs in their top 15 targeted technologies.

Popular CMS platforms such as WordPress, Joomla!, Drupal, and noneCMS account for about 70% of CMS market share. Additionally, nearly 55% of all attacks were application-specific (33%) and web-application (22%) attacks.

Twitter iconContent management systems were the target of approximately 20% of all observed attacks  globally. #cybersecurity #GTIR2020 Tweet this

Which regions and industries are most at risk?

  • CMSs were common attack vectors in EMEA, with several countries including multiple CMSs in their list of most-commonly attacked technologies. In Sweden, attackers targeted a noneCMS input validation vulnerability (CVE-2018-20062) more than any other vulnerability. Joomla! and WordPress were the CMS suites most-commonly attacked in the region.
  • Joomla! was the most highly targeted CMS in every country analysed in Asia Pacific. Attacks in Japan included three CMS platforms in the eight most-targeted technologies. Interestingly, Hong Kong didn’t show any CMS suites in their most-commonly attacked technologies.
  • Technology experienced nearly a 70% jump in overall attack volume in the last year, led by significant jumps in both application-specific attacks and denial-of-service attacks. Application-specific attacks focused on technologies supporting the industry’s web presence, most notably CMS systems and web technologies such as Microsoft’s IIS, Joomla! and ColdFusion.
  • CMS attack activity against manufacturing was notably high in the last year, specifically application-specific attacks against WordPress.
  • The healthcare industry was also under fire. Of the top 20 targeted CVEs, attacks on the Drupal CMS accounted for 28% of all incidents.
  • CMS attacks were prevalent in the government sector, which saw significant jumps in both reconnaissance activity and application-specific attacks. Application-specific attacks tended to focus on the same technologies as most industries – CMS suites, along with supporting tools and applications. This has been helped by an increase in internet-delivered services designed to help citizens obtain regional or local assistance.

Steps to success

Due to the high levels of attacks on CMSs, organizations should pay particular attention to application security, specifically around:

  • proper configuration of the CMS services
  • use of strong passwords
Zachary Jones

Zachary Jones

Sr. Director of Application Security Research at WhiteHat Security

How we can help you


Download the Technical Report and our Executive Guide