How to Handle Website Attacks Your Security May Not See Coming

by Chris Preimesberger

Website hacks are not just about stealing an organization’s data; even without data, you are still a target. Ask yourself: Are maintenance, operation, tuning, training, deployment and setup the right things on which to spend time? What if you could focus on incident response, visibility and reports, and ROI?

This is carried out by sending a large amount of innocent-looking traffic to the Website. All it takes are just a few thousand requests per second to kill most of today’s application stacks. If there is just an order of magnitude more, even the servers could buckle and crash the site. This is relatively easy to generate but extremely hard to separate between the distributed denial-of-service (DDoS) traffic and the legitimate user traffic.

Gaining access to a backdoor on a Website provides hackers with full control over the Web server and application. They often use that control to carry out attacks on targeted Websites or to steal information. It is difficult to detect because hackers will gain root privileges and use them to hide the backdoor.

This involves taking over your domain registrar account and taking ownership over your domain. The Website will go down, and, as a result, the site will lose all search engine optimization (SEO) ranking and reputation associated with the domain. The art of password hacking is much more advanced today than five years ago. The weakest link just may be the domain registrar’s password.

This hacking method automatically collects business intelligence from a Website and is executed by impersonating trusted Googlebots. It is used to eliminate a company’s competitive advantage. For example, hackers may scrape a product catalog and all its prices.

Industry research reveals that 16.3 percent of sites suffer from Googlebot impersonation attacks of some kind. Among those targeted sites, 21 percent of those claiming to be a Googlebot were impersonators. The vast majority of impersonators post comment spam and also steal Website content.

In this hack, legitimate Website functions are automated to harm the business. These can include fake account registrations, fake comments or votes, or fake checkouts. These attacks create a high operational overhead and loss of time and money. They are very hard to deal with because this traffic is invisible to most analytics tools and it appears legitimate to network admins.

Incapsula’s industry research reveals that 31 percent of Website visitors are likely to be damaging intruders. Google Analytics doesn’t show users 51 percent of Website traffic—including hackers, spammers and non-human stalkers.

To deal with new threats effectively, a security strategy must include the following: a) visibility: be sure to stay informed on what is happening from the beginning of the process to the bottom line; b) perimeter security: make sure attacks are stopped on the perimeter, before reaching the network; and c) agility: use security experts who can rapidly respond to new attack techniques.

Cloud-based WAFs, which were recently made available, provide a new service model for online security. They eliminate maintenance, operation, tuning, training, deployment and setup costs; stop attacks at the perimeter; and gain full visibility and are up-to-date with the latest security features.