The most common attacks against websites
Nikolett Hegedüs

I’m sure you’ve seen the recent headlines about hacked cameras that still used their system default passwords, or about how IoT (Internet of Things) devices can serve as botnets in huge DDoS attacks against the most frequently visited websites. One of these attacks was a DDoS attack against Dyn, the internet infrastructure company responsible for routing internet traffic. It caused outages at multiple high-traffic websites like Twitter, Netflix, Reddit, Spotify, and Tumblr. In what felt like a worse kind of Black Friday, these websites were inaccessible for a couple of hours.

 


Information leakage is another big problem nowadays, and there is a lot of advice about how we must prepare ourselves and our websites against the ever-evolving threats of the ongoing technological warfare.

So what are the most common attacks against websites in 2015/2016?

 

DoS and DDoS attacks

A Denial of Service (DoS) attack is when an attacker overloads a server with multiple requests.

A Distributed Denial of Service attack, or DDoS attack for short, is a kind of cyberattack where the perpetrator floods the target server with requests to make the service unavailable. The overwhelming traffic comes from multiple sources, often from thousands of unique IP addresses.

 

Brute force attacks

A so-called brute force attack can be a dictionary attack or a traditional brute force attack. During a brute force attack the hacker makes requests to a server and uses previously determined values in these requests. He or she tries to guess the password protecting sensitive areas of the website. This way he/she can overcome authentication protecting e.g. the administration area of a WordPress (or other CMS-driven) website.

A dictionary attack uses a set of “words” or character literals. These words are systematically entered into the targeted application as a password to get past the authentication.

 

Browser attacks

There are different kinds of attacks targeting the browsers we use to surf the Internet. One kind of browser attack tricks the user into clicking a link, e.g. on a website containing downloadable software. The link is disguised as a download or update link for a certain kind of application, while in reality it is a link for downloading malware.

Browsers can be exploited in other ways too – a few lines of code can be used to target a vulnerability in the browser application. It is very important to frequently update your browsers to avoid these problems.

 

SSL attacks

SSL attacks target the Secure Sockets Layer, the encrypted connection between a website and a browser. An SSL attack intercepts the data before it can be encrypted, giving the hacker access to sensitive data, e.g. credit card information.

Port scans

A port scan is a hostile search for open ports through which attackers can gain access to a computer. It is typically used for reconnaissance and as a potential precursor to an attack. The intruder sends a message to a port, expecting that the response will reveal the status of the port. The status helps the attacker identify the operating system and its vulnerabilities for a future attack.
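
The reconnaissance pattern described above leaves a recognisable trace: one source touching many different ports on the same host. The following Python example is added here for illustration (it is not from the original article or from BitNinja); the firewall log lines are constructed, loosely modelled on iptables LOG output, and the threshold of 10 distinct ports is an assumption.

```python
import re
from collections import defaultdict

FIELD_RE = re.compile(r"\b(SRC|DST|DPT)=(\S+)")

def _entry(src, dport):
    """Build one constructed firewall log line with key=value fields."""
    return (f"kernel: FW-LOG IN=eth0 SRC={src} DST=192.0.2.10 "
            f"PROTO=TCP SPT=40000 DPT={dport} SYN")

# Constructed sample (documentation IP ranges).
SAMPLE_LOG = "\n".join(
    [_entry("203.0.113.9", p) for p in range(20, 32)]    # 12 different ports, once each
    + [_entry("198.51.100.4", 443) for _ in range(30)]    # one port, 30 connections
    + ["kernel: unrelated message without address fields"]
)

def find_port_scanners(log_text, min_ports=10):
    """Return {(src, dst): sorted ports} for sources probing >= min_ports distinct ports."""
    ports_seen = defaultdict(set)   # (src, dst) -> distinct destination ports
    for line in log_text.splitlines():
        fields = dict(FIELD_RE.findall(line))
        if {"SRC", "DST", "DPT"} <= fields.keys():
            ports_seen[(fields["SRC"], fields["DST"])].add(int(fields["DPT"]))
    return {pair: sorted(ports) for pair, ports in ports_seen.items()
            if len(ports) >= min_ports}

if __name__ == "__main__":
    for (src, dst), ports in find_port_scanners(SAMPLE_LOG).items():
        print(f"{src} probed {len(ports)} ports on {dst}: {ports}")
```

Counting distinct ports rather than total connections is what separates the scanner from the busy but legitimate client on port 443.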

DNS attacks (spoofing & hijacking)

Domain Name Server spoofing is when data is introduced into the domain name system cache, causing the name server to return an incorrect IP address, which redirects traffic to an alternate computer selected by the attacker. Another kind of malicious behavior is called DNS hijacking. It is a type of network attack that redirects users to a bogus website when they are trying to access a real one. A lot of companies don’t protect DNS because they don’t realize it is a threat vector.

 


SQL injection

SQL injection is a type of attack where the hacker inserts malicious code into the application via input and targets the database. With a successful SQL injection attack it is possible to read, modify, or delete sensitive data from the database. If the system is vulnerable, it is possible to even drop the database – you can imagine what a huge problem that can cause. You can read more about SQL injection in our article.

 

Backdoor attacks

Backdoors are applications that allow computers to be accessed remotely. Many backdoors are designed to bypass intrusion detection systems. Several attack strategies can be implemented through backdoors. Hardware and software components can allow hackers access through malicious backdoors.

 

But what can we do about them, how can we protect ourselves?

The battle is difficult and many-sided, which is why it is worth entrusting your server’s defense to a professional company like BitNinja, where a well-prepared team of technicians deals with different kinds of cyber attacks day by day, so you do not have to worry about their maintenance.
