Same story, different week: Drupal has once again made news with two vulnerabilities that make cyberattacks easy. According to a SiliconANGLE article, the latest attacks occurred because of compromised outdated and vulnerable Drupal installations. While the fix, in the form of a patch, was issued last month, most Drupal websites have yet to update their systems—a problem inherent with a “free” open source content management system (CMS) like Drupal.
It’s a scenario playing out across the globe: overworked web administrators charged with staying current in the never-ending cycle of software updates—on top of their already demanding work responsibilities. If your institution doesn’t have the time or resources to devote to maintaining software, it may be time to switch to a CMS that is always up to date.
Open source CMS platforms are easy targets for hackers in large part because of poor security measures. In addition to the Drupal cyberattack, open source WordPress was hit with yet another breach that affected 1.5 million pages in 2017. A recent Joomla security breach allowed hackers to register and then grant administrative privileges to newly registered accounts, giving hackers unfettered access to websites.
If your institution has been affected, it might be time to rethink your CMS for several reasons:
- Does your college or university have dedicated resources to invest in mitigating risks and overseeing continual maintenance of your websites?
- Can you afford the website downtime when your system is hacked?
- Do you have a dedicated web team that can keep up with and follow best practices to ensure your CMS is secure?
OmniUpdate customers are unaffected by the latest Drupal attack because our OU Campus CMS provides automatic security updates and ongoing support from experienced technologists.
Ready to reduce the headaches that come from continually worrying about the security of your CMS? Learn more in our white paper Four Questions You Should Ask Before Considering an Open Source CMS.