Web Security is a hot topic for everyone in these days. A Positive Technologies report of 2017 showed how all of the websites and web applications have at least one well-known vulnerability.
The same report shows how the 70% of websites and web applications have at least one high severity vulnerability as well.
As a matter of fact, we are talking about well-known vulnerabilities with the related exploits available online. Nowadays with the enforcement of the GDPR, Web Security management has a significant role for every company. The risk of data breaches is higher than ever and consequently companies face the risk of fines as well.
Web Application Security and Web Security: top 5 cyberattacks
Like everything else, web applications have their problems. First of all, a web app can be targeted by Cyber Criminals with different attacks.
Here you can find the top 5:
Web Security: Bots and Web Scraping
What is a bot? It is a kind of software which atomates iterative actions in order to prevent the user from doing the same actions over and over again. Just to be clear, bots record Google researches in order to show better results. They award deserving websites in terms of visibility. However, we have both “good” bots and “bad” bots. Bad bots generate traffic as well but this traffic is infected as well as the bot.
Basically, this is why a bad bot can be used for web scraping. This action consists in extrapolating data from a website or a web application. As a matter of fact, this is a plague of the internet: following recent stats, the 20% of the whole traffic is bad-bots-traffic. What does this mean? It means that potentially every website you browse, even though it’s marked as safe, could expose you to a data theft.
Data theft does not always imply the theft of payment-related data. It can be a simple memorization of your e-mail address which could be used later by attackers to spam you and run a phishing attack.
Bad bots can pave the way to DDoS attacks as well.
Web Security: DDOS Distribuited Denial of Service
DDoS stands for Distributed Denial of Service. This specific attack, in order to be carried out, needs many IP addresses, this is why its origins are often hard to trace. A DDoS attack bombs a system with requests and finally crashes it.
We have three main types of DDoS attacks:
- IP Spoofing: this is the most common DDoS attack mainly because it is successful for hackers who need to have a non authorized access to the system. Through the spoofing, packages of IP addresses are created and these packages are useful to mask the identity of the attacker. Basically, this means that the cybercriminal uses fake IPs that prevent the system from identifying the origin. The most common techniques of IP spoofing are: UDP flood and ICMP flood. The first one is about the stress of the system through a lot of requests containing UDP (communication security protocol) datagrams. The second one, with the same methodology, uses the ICMP (Internet Control Message Protocol) protocol.
- Protocol attacks. The DDoS attack can affect the security protocol of the web application through techniques such as the Ping of Death or the Smurf.
- GET/POST flood. The attacker exploits an apparently not infected HTTP (security protocol for web pages) or a POST (Power-On-Self-Test, the auto-analysis phase of a system) to start DDoS attacks. This is an effortless techniques for the hackers but it requires a deeper knowledge. This is why only expert hackers can carry out such attacks.
Web Security: Cross Site Scripting
Web Security: SQL Injection
SQL is the standard language as far as databases are concerned. An SQL Injection attack consists of injecting infected elements that the database might consider as legit. In this case, the database is open to data theft that could affect both users and admins. Hackers could create administrative accounts to control the web application. An SQL Injection attack can lead to very dangerous consequences: what if an attacker steals information such as addresses and telephone numbers in addition to payment data?
Web Security: Malware
We have different kinds of malwares basing on the purpose they have (ransomware, trojan, spyware, …). Once a malware enters a system, a cybercriminal can get the full control of it. This is why protecting your web applications from malwares is crucial: the number of cyber attacks led using malwares is very high and even if it seems that hackers are moving to cryptocurrencies mining, the threat remains.
Web Application Security e Web Security
Data show the lack of web security principles.
As fare as CyberSecurity and Web Security are concerned, prevention is key.
These activities require a periodic check on an annual basis to see if systems are vulnerable.
These activities are crucial to assess your risk level and comply with the new Data Privacy European law – GDPR.
You can check the status of your systems, websites, web applications,… with Swascan CyberSecurity Services.