Skip to main content

Cyber attacks targetting websites, web applications, and online services

Attacks can be carried out by exploiting vulnerabilities in web servers, applications, and browsers to steal data, disrupt services or gain unauthorised access to steal data.

Types of Attacks

  • SQL Injection - involves inserting malicious SQL code into a web application input fields to manipulate databases and execute unauthorised access.

  • Cross-Site Scripting (XSS) - involves injecting malicious scripts into web pages in the users browser to steal cookies and session tokens, or redirect to a malicious website.

  • Distributed Denial of Service (DDoS) - Massive volume of traffic is sent to a website or web application causing the website to slow down, crash or make it unavailable to legitimate users.

  • Man-in-the-middle (MitM) - involves an attacker intercepting communication between two parties such as, user and web server without their knowledge

  • Clickjacking - Tricking a user into clicking on something different from what they perceive, often by hiding malicious elements under legitimate content

  • Magecart (Web Skimming) - this involves injecting malicious code into e-commerce sites to steal payment card details entered by customers

Impacts

  • Unauthorised Access to databases, extract or modify sensitive data
  • Hijack user sessions, deface websites, or spread malware
  • Unauthorised Actions being performed on behalf of users, such as changing account details
  • Downtime,
  • Loss of revenue,
  • Damage to reputation
  • Data being stolen such as login credentials, personal or financeial information
  • Legal and Regulatory consequences

Strategies to help protect against web attacks

  • Secure Coding Practices;

    • Always validate and sanitize user input to prevent injection attacks like SQL injection and Cross site scripting.
    • Paramaterized Queries
    • Avoid Hardcoding

  • Web Application Firewalls;

    • Detect and block malicious traffic to your web applications by filtering and monitoring HTTP requests
    • Custom Rules

  • Regular Security Updates and Patch Management

    • Regularly update your web servers, databases, plugins, CMS platforms such as WordPress, and other software
    • Ensure updates are actioned in a timely manner

  • Use HTTPs and Secure Communication

  • Authentication and Access Controls

    • Strong Passwords
    • Multi-Factor Authorisation
    • Role-Based Access

  • Security Testing

    • Regular vulnerability scans and penetration testing to identify weaknesses in web applications and systems

  • Monitoring, Auditing and Regular inspections

    • Implement comprehensive logging and monitoring to detect suspicious activity and potential breaches, using Security information and event management (SIEM) to help analyse real time behaviour
    • Intrustion Detection Systems to help monitor and detect unauthorised access or unusual behaviour in your network and systems

  • Regular Backups

    • Automatic and Offsite backups - to help recover website in ransomware attacks or other data loss incidents.