Web Application Attacks A Leading Cause Of Data Breaches

 

According to the 2018 Verizon Data Breach Investigations Report (DBIR), web application attacks once again rank as the leading cause of data breaches. Out of more than 2,216 data breaches this year so far, 48% resulted from hacks, with denial of service (DoS) attacks taking the top spot.

To view the Executive Summary Verizon Report CLICK HERE

To obtain the full report CLICK HERE

DDoS Attacks
DDoS attacks come in many varieties, with some directly targeting the underlying server infrastructure. Others exploit vulnerabilities in application and communication protocols. In some cases, DDoS attacks are a diversion from other malicious activities that try to infiltrate web applications.

A successful DDoS attack usually has a high noticeable impact and makes it a popular weapon of choice for hacktivists, cyber criminals, extortionists, and anyone else looking to make a point or champion a cause.

DDoS assaults often last for days, weeks and even months at a time, making them extremely destructive to any online organisation. They can cause loss of revenue, erode consumer trust, force businesses to spend fortunes in compensation, and cause an organisation to suffer long-term reputation damage.

Threat Description
A DDoS attack begins when an attacker exploits a vulnerability in a single device, which then becomes the DDoS master. The master then locates and gains control over other vulnerable devices, using malicious emails, malware infections, compromised credentials, or brute-force bypassing of authentication systems. This network of exploited devices is called a botnet.

The attacker also creates a command-and-control server to remotely control the botnet. A single botnet, which can consist of a million infected devices, can attack a targeted server without the knowledge of the compromised device’s owner.

Three categories of DDoS attacks:

  • Volume-based attacks that saturate the bandwidth of the targeted server.
  • Protocol attacks that consume server resources or intermediate device connections such as firewalls and load balancers.
  • Application layer attacks flood the server with requests, causing the server to crash.

DDoS Attack Mitigation Methods
Risk Assessment: Understand scope of risk, including infrastructure vulnerabilities, single-points of failure, and financial impact.

Detection and Blocking: Leverage visitor-identification technology to differentiate between legitimate visitors and malicious clients; blocking traffic from known ‘bad’ sites; detect and block automated clients or bots; challenging suspicious or unrecognised visitors with a JS test, cookie challenge, or CAPTCHAs.

Scrubbing: Absorb attacks into a global network of scrubbing centres.

The WAF Solution
Web Application Firewalls (WAFs) are hardware, software, virtual, and cloud-based firewall solutions. Unlike other network infrastructure security solutions, WAFs focus specifically on web app attacks, vulnerabilities, usage patterns and are able to differentiate between normal and anomalous usage.

Why do you need a WAF?
By inspecting HTTP(S) traffic, WAFs can prevent attacks stemming from web application security flaws, such as SQL injection, cross-site scripting (XSS), file inclusion, and security misconfigurations. WAFs know how to validate inputs to stop malicious attacks before they can do harm, and are able to block scanners and automatically patch application vulnerabilities. In addition, they quickly learn application behaviour, maintaining the safety of critical applications by continuously adapting and preventing new attacks.

Imperva – Recognised as Leaders again!
For the fifth year in a row Gartner has named Imperva as a Leader in the 2018 Gartner Magic Quadrant for Web Application Firewalls (WAF).

Imperva’s combination of on-premises appliances, cloud WAF, shared threat intelligence and flexible licensing once again cemented them as the best choice for companies to protect their websites and applications. To download the report CLICK HERE.

Sameer Shaikh -
Consultant  

Sameer has over 11 years of experience in sales and customer service roles in the technology, financial, wholesale trade and retail sector in India, UAE, United Kingdom and New Zealand.

At MPA Sameer is applying his expertise in customer management and business development to maintain existing business relationships as well as developing new business opportunities.

He also shares responsibility in the sales and purchase order entry and logistics areas.

Sameer has a Bachelor of Science degree.


Latest Security Problems Solved

Internet of Things More >
HTTPS – Uptake Set to Accelerate in 2017 More >
Addressing Endpoint Security Challenges More >
Securing Blurred Boundaries More >
Our Solutions
Security Solutions

We work with leaders in the fields of data protection, authentication and perimeter security to protect your organisation and manage any threats with the most effective security systems. More >

Technical Services

MPA New Zealand Ltd provides a range of technical services to compliment the vendor technology our company brings to the local market. More >