The Hacker News had an article titled DDos Attacks originated from thousands of .edu and .gov wordpress blogs and it highlights the importance of a couple security best practices.
1) Use complex account passwords
2) Monitor your server for compromise
3) Upgrading to latest versions to protect against known vulnerabilities
The article mentions that older versions of wordpress were vulnerable to a pingback attack where an attacker could use the built in mechanism to generate traffic to another location and when replicated across the reported 100,000 sites, it created a denial of service condition from all the pingback requests.