Move your WP installation out of /wp-admin/ as that's the first place hackers will look. Create a new user with a completely random (long) username and password, give it admin privileges, then downgrade "admin" to a regular user. Create a third user just for posting, so that the username that shows up as the "owner" of posts only has posting access.
Won't help that much, but it's at least a start.