How to Handle Website Attacks Your Security May Not See Coming

 
 
By Chris Preimesberger  |  Posted 2013-05-16
 
 
 
 
 
 
 
 

Enterprises are now facing a wide range of cyber-security threats that target their infrastructure, applications, operations and even employees. As more companies put their business information online, the attack surface grows for hackers looking to access company Websites and IT infrastructure. Disturbingly, most attacks today are carried out automatically using an army of bots that are not targeting specific companies. Hackers instead are trying to reach as many Websites as possible to maximize their botnet ROI, and any company, big or small, is a target. With the rapid evolution of online threats, more cloud-based managed services are becoming a part of the enterprise security strategy. The benefits of mitigating threats at the perimeter, having security experts on your side, and not having to deal with updates, maintenance and other operational aspects are appealing to IT managers, even if they have an in-house security team. We examine these issues in this slide show, put together with resources from Eldad Chai, director of product management at Incapsula, and eWEEK reporting.

 
 
 
  • Revisit Your Website Security Strategy

    Website hacks are not just about stealing an organization's data; even without data, you are still a target. Ask yourself: Are maintenance, operation, tuning, training, deployment and setup the right things on which to spend time? What if you could focus on incident response, visibility and reports, and ROI?
  • Attack Example No. 1: Application-Level DDoS

    This is carried out by sending a large amount of innocent-looking traffic to the Website. All it takes is a few thousand requests per second to kill most of today's application stacks. If there is just an order of magnitude more, even the servers could buckle and crash the site. Such traffic is relatively easy to generate, but it is extremely hard to separate the distributed denial-of-service (DDoS) traffic from the legitimate user traffic.
  • Attack Example No. 2: Website Backdoors

    Gaining access to a backdoor on a Website provides hackers with full control over the Web server and application. They often use that control to carry out attacks on targeted Websites or to steal information. It is difficult to detect because hackers will gain root privileges and use them to hide the backdoor.
  • Attack Example No. 3: DNS Hijacking

    This involves taking over your domain registrar account and taking ownership of your domain. The Website will go down, and, as a result, the site will lose all search engine optimization (SEO) ranking and reputation associated with the domain. The art of password hacking is much more advanced today than five years ago. The weakest link just may be the domain registrar's password.
  • Attack Example No. 4: Content Scraping

    This hacking method automatically collects business intelligence from a Website and is executed by impersonating trusted Googlebots. It is used to eliminate a company's competitive advantage. For example, hackers may scrape a product catalog and all its prices.
  • Googlebot Impersonators a Serious Problem

    Industry research reveals that 16.3 percent of sites suffer from Googlebot impersonation attacks of some kind. Among those targeted sites, 21 percent of those claiming to be a Googlebot were impersonators. The vast majority of impersonators post comment spam and also steal Website content.
  • Attack Example No. 5: Abuse by Automation

    In this hack, legitimate Website functions are automated to harm the business. These can include fake account registrations, fake comments or votes, or fake checkouts. These attacks create a high operational overhead and loss of time and money. They are very hard to deal with because this traffic is invisible to most analytics tools and it appears legitimate to network admins.
  • High Percentage of Site Visitors May Be Intruders

    Incapsula’s industry research reveals that 31 percent of Website visitors are likely to be damaging intruders. Google Analytics doesn't show users 51 percent of Website traffic—including hackers, spammers and non-human stalkers.
  • Adapt Current Security Strategy for New Threats

    To deal with new threats effectively, a security strategy must include the following: a) visibility: be sure to stay informed on what is happening from the beginning of the process to the bottom line; b) perimeter security: make sure attacks are stopped on the perimeter, before reaching the network; and c) agility: use security experts who can rapidly respond to new attack techniques.
  • New Line of Defense: Cloud-Based Web Application Firewalls

    Cloud-based WAFs, which were recently made available, provide a new service model for online security. They eliminate maintenance, operation, tuning, training, deployment and setup costs; stop attacks at the perimeter; provide full visibility; and stay up-to-date with the latest security features.
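
Added example, not from the original slide show: one way a site operator can check the Googlebot claims described in the content-scraping and impersonation slides is forward-confirmed reverse DNS over the access log. The log lines, IP addresses, hostnames and function names are constructed for illustration, and the sample DNS tables stand in for real lookups so the check runs offline.

```python
import re
import socket

GOOGLE_SUFFIXES = (".googlebot.com", ".google.com")
LOG_RE = re.compile(r'^(\S+) .*"([^"]*)"$')  # client IP ... last quoted field = User-Agent

def system_ptr(ip):
    """Reverse (PTR) lookup through the system resolver."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:
        return None

def system_forward(host):
    """All addresses the hostname resolves to."""
    try:
        return {info[4][0] for info in socket.getaddrinfo(host, None)}
    except OSError:
        return set()

def is_real_googlebot(ip, ptr=system_ptr, forward=system_forward):
    """PTR name must be under a Google crawler domain AND resolve back to ip."""
    host = (ptr(ip) or "").lower().rstrip(".")
    return host.endswith(GOOGLE_SUFFIXES) and ip in forward(host)

def find_impersonators(lines, ptr=system_ptr, forward=system_forward):
    """Client IPs whose User-Agent claims Googlebot but fail DNS verification."""
    fakes = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m or "googlebot" not in m.group(2).lower():
            continue
        ip = m.group(1)
        if ip not in fakes and not is_real_googlebot(ip, ptr, forward):
            fakes.append(ip)
    return fakes

# Constructed sample data: documentation IP ranges and made-up hostnames.
GB_UA = "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
SAMPLE_LOG = [
    f'192.0.2.10 - - [16/May/2013:10:00:00 +0000] "GET / HTTP/1.1" 200 512 "-" "{GB_UA}"',
    f'198.51.100.7 - - [16/May/2013:10:00:01 +0000] "GET /catalog HTTP/1.1" 200 900 "-" "{GB_UA}"',
    f'203.0.113.5 - - [16/May/2013:10:00:02 +0000] "POST /comment HTTP/1.1" 200 80 "-" "{GB_UA}"',
    '198.51.100.99 - - [16/May/2013:10:00:03 +0000] "GET / HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
]
SAMPLE_PTR = {"192.0.2.10": "crawl-192-0-2-10.googlebot.com",
              "198.51.100.7": "host7.example.net",
              "203.0.113.5": "crawl.googlebot.com"}   # spoofed PTR, no matching A record
SAMPLE_A = {"crawl-192-0-2-10.googlebot.com": {"192.0.2.10"}}

def demo():
    """Run the check offline against the constructed DNS tables above."""
    return find_impersonators(SAMPLE_LOG, SAMPLE_PTR.get, lambda h: SAMPLE_A.get(h, set()))
```

Called without the `ptr` and `forward` arguments, `find_impersonators` uses the system resolver, so results for a busy log are best cached per IP.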
 
 
 
 
 
 
 
 
 
 
 
