Threats such as SQL injection and cross site scripting (XSS) have plagued online business for years, only lately getting the notoriety that they deserve; but for every threat that is publicised, there are many more that never get the same attention.
New vulnerabilities are discovered at an alarming rate. 394 new vulnerabilities were reported by NIST National Vulnerability Database in recent months, 140 of these vulnerabilities were high severity. A further study showed that around 90% of websites are vulnerable to exploits that could cause data leakage.
The damages hacking can cause can be difficult to quantify, but include lost revenue and expenses incurred while the site is down and being repaired. This will vary depending on how much of your business is conducted online.
How much would you lose if you could no longer accept credit cards online because a SQL injection leaked confidential data from your database? One of the most publicised hacks cost *Sony $170M a couple of years ago.
More difficult to tabulate are the soft costs, such as future business lost due to fickle audience, and brand reputation damage.
If your site is reported to contain malware or cross site scripting vulnerabilities, modern browsers will warn customers away from your site, which can negatively impact search engine rankings (SEO), even to the extent of being quarantined from showing up in any search results.
The Chosen One
How a hacker chooses his victim can be as varied as the attacks that they use. Typically hackers are after your data, bandwidth, or even the thrill of gaining access. There are active markets for credit card numbers and email addresses.
Hackers know that people often reuse passwords, and will use these in conjunction with email addresses to access your customers' other accounts on other sites.
Once a hacker has access to your system they will install backdoor programs to allow them future access even if you patch the vulnerable software. From this point, your server can be used in DoS/DDoS attacks or hacking attempts against other companies who may seek reparations if the attacks are detected.
The most dangerous hacker is one that has a grudge against your company. They will infiltrate your system with the goal of causing as much damage to your business as possible, destroying both your data and reputation in the process.
With the rapid rate that vulnerabilities are discovered, frequent vulnerability scans with a current scanner is vital to ensure that your site remains protected at all times.
In addition to running scans at least every quarter, it is strongly recommended to run a vulnerability scan after making any moderate or larger updates to your site or infrastructure to ensure that no new vulnerabilities have been introduced.
Any decent hacker will use a scanner to check out the vulnerabilities in your site so shouldn't you at least do the same on a regular basis?
- Sean Power is Manager of Security Operations for DOSarrest Internet Security, a company that specializes in cloud based DDoS mitigation services