I’m sure you’ve seen the recent headlines about hacked cameras that still used their default system passwords, or about how IoT (Internet of Things) devices can serve as botnets in huge DDoS attacks against the most frequently visited websites. One of these attacks was a DDoS attack against Dyn, the internet infrastructure company responsible for routing internet traffic. It caused outages at multiple high-traffic websites like Twitter, Netflix, Reddit, Spotify, and Tumblr. In a worse kind of Black Friday, these websites were inaccessible for a couple of hours.
Information leakage is another big problem nowadays, and we can find a lot of advice about how we must prepare ourselves and our websites against the ever-evolving threats of the ongoing technological warfare.
So what are the most common attacks against websites in 2015/2016?
DoS and DDoS attacks
A Denial of Service (DoS) attack is when an attacker overloads a server with multiple requests.
A Distributed Denial of Service attack, or DDoS attack for short, is a kind of cyberattack where the perpetrator floods the target server with requests to make the service unavailable. The overwhelming traffic comes from multiple sources, often from thousands of unique IP addresses.
Brute force attacks
A so-called brute force attack can be a dictionary attack or a traditional brute force attack. During a brute force attack the hacker makes requests to a server and uses previously determined values in these requests. He or she tries to guess the password protecting sensitive areas of the website. This way he/she can overcome authentication protecting e.g. the administration area of a WordPress (or other CMS-driven) website.
A dictionary attack uses a set of “words” or character literals. These words are systematically entered into the targeted application as a password to get past the authentication.
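To see what this looks like from the server side, here is an added example (not code from the original article or from BitNinja) that flags sources sending repeated failed logins to a WordPress login page. The log lines are constructed, and the thresholds and the rule that a 200 response to a login POST means a failed attempt (302 means success) are assumptions to adjust for your own site.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

LINE = '{ip} - - [12/Nov/2016:10:{mm:02d}:{ss:02d} +0000] "{req} HTTP/1.1" {status} 3512'

# Constructed sample access log (combined-log style); IPs are documentation ranges.
SAMPLE_LOG = "\n".join(
    # six failed logins in six seconds from one source
    [LINE.format(ip="203.0.113.7", mm=0, ss=s, req="POST /wp-login.php", status=200)
     for s in range(1, 7)]
    # a user who mistypes once, then logs in successfully
    + [LINE.format(ip="198.51.100.20", mm=0, ss=10, req="POST /wp-login.php", status=200),
       LINE.format(ip="198.51.100.20", mm=0, ss=25, req="POST /wp-login.php", status=302)]
    # five failures spread over five minutes, plus a page view and a malformed line
    + [LINE.format(ip="192.0.2.50", mm=m, ss=0, req="POST /wp-login.php", status=200)
       for m in range(1, 6)]
    + [LINE.format(ip="192.0.2.50", mm=6, ss=0, req="GET /wp-login.php", status=200),
       "garbage line"]
)

LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)

def find_bruteforce_sources(log_text, threshold=5, window=timedelta(seconds=60)):
    """Return {ip: most failed logins seen inside one window} for IPs at or over threshold."""
    recent = defaultdict(deque)   # per-IP timestamps of recent failed logins
    flagged = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue              # skip malformed lines instead of crashing
        if m["method"] != "POST" or m["path"].split("?")[0] != "/wp-login.php":
            continue              # only login submissions count
        if m["status"] != "200":  # assumption: 200 = failed login, 302 = success
            continue
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        q = recent[m["ip"]]
        q.append(ts)
        while ts - q[0] > window: # drop attempts that fell out of the window
            q.popleft()
        if len(q) >= threshold:
            flagged[m["ip"]] = max(flagged.get(m["ip"], 0), len(q))
    return flagged
```

Only the rapid source is reported; the slow source stays under a per-IP threshold, which is why this kind of check is usually paired with account lockout or login rate limiting.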
There are different kinds of attacks targeting the browsers we use to surf the Internet. One kind of browser attack tricks the user into clicking a link, e.g. on a website containing downloadable software. The link is disguised as a download or update link for a certain application, while in reality it is a link for downloading malware.
Browsers can be exploited in other ways too – a few lines of code can be used to target a vulnerability in the browser application. It is very important to frequently update your browsers to avoid these problems.
SSL attacks target the Secure Sockets Layer, the encrypted connection between a website and a browser. An SSL attack intercepts the data before it can be encrypted, giving the hacker access to sensitive data, e.g. credit card information.
Port scans are hostile searches for open ports through which attackers can gain access to a computer. They are typically used for reconnaissance and as a potential precursor to an attack. The intruder sends a message to a port, expecting that the response will reveal the status of the port. The status helps the attacker identify the operating system and its vulnerabilities for a future attack.
DNS attacks (spoofing & hijacking)
Domain Name Server spoofing is when data is introduced into the domain name system cache, causing the name server to return an incorrect IP address, which redirects traffic to an alternate computer selected by the attacker. Another kind of malicious behavior is called DNS hijacking. It is a type of network attack that redirects users to a bogus website when they are trying to access a real one. A lot of companies don’t protect DNS because they don’t realize it is a threat vector.
SQL injection is a type of attack where the hacker inserts malicious code into the application via input and targets the database. With a successful SQL injection attack it is possible to read, modify, or delete sensitive data from the database. If the system is vulnerable, it is possible to even drop the database – you can imagine what a huge problem that can cause. You can read more about SQL injection in our article.
Backdoors are applications that allow computers to be accessed remotely. Many backdoors are designed to bypass intrusion detection systems. Several attack strategies can be implemented through backdoors. Hardware and software components can allow hackers access through malicious backdoors.
But what can we do about them, how can we protect ourselves?
The battle is difficult and multilateral, which is why it is worth entrusting your server’s defense to a professional company like BitNinja, where a well-prepared team of technicians works with different kinds of cyber attacks day by day, so you do not have to worry about their maintenance.