Hacking, Phishing and Malware … OH MY!

Hacking, Phishing, Malware, OH MY!

Learn more about some of the most common security risks, including injection, authentication, cross-site scripting, denial of service, and misconfigured security settings, and how to protect your site.

For all of the benefits and conveniences the Internet has provided, it has also presented a number of security risks that must be considered. Thankfully, many of these hazards can be avoided by making yourself aware of the threats. Hacking, Phishing, and Malware all represent different types of attacks your website, application, or organization may encounter. The consequences of such attacks can vary from annoying, such as a small computer virus, to disastrous, like a loss of sensitive customer data. The first step in protecting your sensitive data from these types of attacks is to first understand how they work.

Hacking

The process of “hacking” refers to someone breaking into a computer or network, usually by exploiting an existing flaw. Often this will include the hacker obtaining your personal information or turning your computer into a “zombie” to further their needs. Different hacking techniques include vulnerability scanners, password cracking, packet sniffers, rootkit, trojan horses, and key loggers.

One particular method of hacking is through SQL Injections. SQL Injections are a code injection technique that exploit security vulnerabilities occurring in the database layer of an application. This type of attack targets applications that accept user input – such as an application that requires a username and password to login. This method was recently used to gain access to more than a dozen global payment processor, retailer and financial institutions systems. Protections such as ModSecurity for Apache can help detect and prevent SQL injections from attacking your site’s database.

Phishing

Phishing usually involves fake emails that appear to come from legitimate enterprises, such as your bank or credit union. These emails contain URLs that link to malicious web pages and will ask you to enter in private information, like passwords, bank account information, or credit card numbers. Attackers can then use the entered information to steal your (or your customers’) identity. These phishing sites are often hosted on otherwise legitimate sites that have been attacked due to poor security practices. Security provisions can be added to the server to prevent phishing attacks, however specific websites need to have their own security as well.

There are multiple types of phishing attacks, including spear phishing, whale phishing, and clone phishing. Spear phishing targets specific people or departments and gathers personal information about the target to increase its success. Whale phishing directs the attacks specifically at high profile members of a business, such as executives. Lastly, clone phishing duplicates a previously received email and resends it, but replaces the link or attachment with a malicious version.

Malware

Malware, or “malicious software,” is designed to secretly access your computer, or server, and compromise its main functions, steal data, bypass access controls or otherwise harm your computer. There are several types of malware, including computer viruses, worm viruses, spyware, adware, scareware and crimeware. To spread Malware, perpetrators can create malicious websites of their own, exploit a vulnerability in the applications a website relies on or exploit a vulnerability on the web server or its configuration.

Malware is often download from an email attachment or from a suspicious website. However, malware can also infect servers and upload malicious code or web pages that deliver malware to the site’s visitors. The two types of vulnerabilities most seen on the server side of things are found in the default installation, which is normally set up to make publishing a website easy instead of secure, and in broken authentication and session management. For the latter, it’s important for authentication and session management schemes to protect password credentials throughout the site and server.

Denial of Service

Denial of Service, or DoS attacks, approach an attack differently. While the other types of attacks search for methods to gain access to the victim’s computer, website, or database, DoS attacks allow hackers to bring down a network without having to gain internal access. The hackers flood the access routers with fake traffic and overload the system until it fails. There are also Distributed Denial of Service attacks (DDoS), which are coordinated DoS attacks from multiple sources. There’s no way to prevent these attacks from occurring, but the consequences can be mitigated through services that differentiate between legitimate traffic and malicious traffic. These DoS Mitigation services are especially helpful when they are located within the same data center as your site, rather than through a third party service.

What Can You Do?

While everyone is vulnerable to phishing, malware or hacking attacks, there are a few key practices that can greatly increase your protection from the majority of instances. Make sure to invest in security solutions to keep your data safe. This even includes choosing strong passwords that can’t be easily guess by computer programs. Additionally, keeping websites up to date with security patches is one of the most important means of protection. Companies often publish patches or security updates, such as the security patch recently released by Joomla, that are built to prevent these types of attacks.

The team at Liquid Web is experienced in protecting our customers from attacks like these – and even preventing them before they can occur. In the unfortunate case that your website, application or organization is victimized by an attack, we also offer support to investigate and resolve the issue. If you’re concerned that your information isn’t protected like it could be, take the time to learn how to improve it. The 24/7/365 Heroic Support team at Liquid Web can help you figure out where your security vulnerabilities are and how to fix them.

If you’d like to learn more about how to protect your sensitive data from online attacks, Live Chat or call our team at 800-580-4985.