As more companies put their business online, the playing field for hackers continues to grow. Companies face a wider range of cybersecurity threats than ever before, targeting their infrastructure, applications, operations and even employees. To protect their business interests, organizations must safeguard their data. Most attacks today are carried out automatically by armies of bots that do not target specific companies. Hackers try to reach as many websites as possible to maximize their botnet ROI, so any company, big or small, is a target.
With the rapid evolution of online threats, cloud-based services are becoming a larger part of an organization’s operational security strategy. Eldad Chai, director of product management at Incapsula, explains some of the biggest challenges in mitigating malicious attacks and the questions organizations should keep in mind when developing a strategic security plan.
What follows is a summary of the latest cyber attacks challenging website security, as identified by Eldad Chai, director of product management at Incapsula.
Application-level DDoS attacks are carried out by sending a large amount of innocent-looking traffic to a website. A few thousand requests per second are all it takes to kill most of today’s application stacks, and with just an order of magnitude more, even the servers can buckle and crash. These attacks are relatively easy to generate, and it’s extremely difficult to tell the difference between the DDoS traffic and the legitimate user traffic.
Gaining access to a backdoor on a website gives hackers full control over the Web server and application. This method is often used to carry out attacks on targeted websites or to steal information. It is rather difficult to detect, as hackers will gain root privileges and use them to hide the backdoor.
DNS hijacking is used to take control of your domain registrar account and ownership over your website. The site can lose SEO ranking and the reputation associated with the domain. The domain registrar’s password is often the weakest link in this case.
Content scraping automatically collects business intelligence from a website by impersonating trusted Googlebots. This attack can be used to eliminate a company’s competitive advantage, for example, by scraping a product catalog and prices.
Incapsula research reveals:
- 16.3 percent of sites suffer from Googlebot impersonation attacks of some kind.
- Among targeted sites, 21 percent of those claiming to be a Googlebot were impersonators.
- The vast majority of impersonators post comment spam and also steal website content.
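One way to separate genuine Googlebot visits from impersonators is forward-confirmed reverse DNS: the client IP's PTR name must sit under googlebot.com or google.com, and that name must resolve back to the same IP. The sketch below is an added example, not Incapsula's method; the helper names, log lines and DNS tables are constructed for illustration, and the resolvers are injected so it runs offline.

```python
import ipaddress

# Reverse-DNS suffixes Google documents for its crawlers.
GOOGLE_SUFFIXES = (".googlebot.com", ".google.com")

def lookup(table):
    """Resolver over a dict (constructed data); raises OSError like socket lookups."""
    def resolve(key):
        if key not in table:
            raise OSError("no record")
        return table[key]
    return resolve

def is_real_googlebot(ip, reverse, forward):
    """Forward-confirmed reverse DNS: PTR is a Google name AND resolves back to ip."""
    try:
        host = reverse(ip).rstrip(".").lower()
        if not host.endswith(GOOGLE_SUFFIXES):
            return False          # PTR outside Google's domains
        addrs = forward(host)
    except OSError:
        return False              # missing PTR or forward record
    want = ipaddress.ip_address(ip)
    return any(ipaddress.ip_address(a) == want for a in addrs)

def find_impersonators(log_lines, reverse, forward):
    """IPs whose User-Agent claims Googlebot but that fail DNS verification."""
    flagged, verdict = [], {}
    for entry in log_lines:
        parts = entry.rsplit('"', 2)  # combined log format: UA is the last quoted field
        if len(parts) < 3 or "googlebot" not in parts[1].lower():
            continue
        ip = entry.split(" ", 1)[0]
        if ip not in verdict:         # one DNS check per IP
            verdict[ip] = is_real_googlebot(ip, reverse, forward)
            if not verdict[ip]:
                flagged.append(ip)
    return flagged

# Constructed sample data (documentation IP ranges); not real crawler addresses.
PTR = {"192.0.2.10": "crawl-192-0-2-10.googlebot.com.",
       "198.51.100.7": "crawl-1.googlebot.com",        # PTR set by the client's owner
       "203.0.113.5": "host5.fakegooglebot.com"}       # look-alike domain
A = {"crawl-192-0-2-10.googlebot.com": {"192.0.2.10"},
     "crawl-1.googlebot.com": {"192.0.2.99"}}          # does not map back
UA = "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
LOG = [f'{ip} - - [01/Jan/2024:00:00:01 +0000] "GET / HTTP/1.1" 200 512 "-" "{ua}"'
       for ip, ua in [("192.0.2.10", UA), ("198.51.100.7", UA), ("203.0.113.5", UA),
                      ("203.0.113.77", UA), ("203.0.113.9", "Mozilla/5.0 (X11; Linux)")]]

if __name__ == "__main__":
    print(find_impersonators(LOG, lookup(PTR), lookup(A)))
```

Against live traffic, pass wrappers around `socket.gethostbyaddr` and `socket.getaddrinfo` as `reverse` and `forward`; both raise `OSError` subclasses on failure, which the check treats as unverified.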
With abuse by automation, legitimate website functions are used to harm the business, as with fake account registrations, fake comments or votes, and fake checkouts. These attacks create operational overhead, resulting in loss of time and money. It is very hard to deal with this attack, as this traffic is “invisible” to most analytics tools and otherwise appears legitimate.
Incapsula research reveals:
- 31 percent of website visitors are likely to be damaging intruders.
- Google Analytics doesn’t show you 51 percent of website traffic, including hackers, spammers and other non-human stalkers.
In order to deal with new threats effectively, a solid security strategy must include three things:
- Visibility – Be sure you know what is happening from the beginning of the process to the end.
- Perimeter security – Make sure that attacks are stopped on the perimeter, before reaching the network.
- Agility – Rely on security experts that can rapidly respond to new attack techniques.
A new breed of cloud-based Web application firewalls (WAFs) has introduced a service model for online security that eliminates maintenance, operation, tuning, training, deployment and setup costs. WAFs help you to stop attacks at the perimeter, gain full visibility, and be up-to-date with the latest security features. When evaluating a WAF, check three things:
- Expertise – Make sure that it has an experienced security firm behind it.
- Coverage – A reliable WAF can be customized to deal with a wide array of threats.
- Service – Double check that there is a service model to maintain and keep WAF rules updated.