An Increase in Website Attacks in 2012

Website attacks are becoming more and more common these days. The annual Symantec Internet Security Threat Report for 2012 reports an 81% increase in Malicious Attacks. A large portion of these are related to websites. The most common of these types of attacks are called SQL Injection Attacks. These types of attacks can cause serious damage to your website, as well as your businesses reputation on the internet. If your businesses website is attacked it can often result in costly expenses to fix.

SQL Injection Attacks involve an attacker running web code that maliciously modifies a website’s database. This can then allow access to your database which allows the attacker control of your website.

The reasons attackers do this depends on intentions. Sometimes an attacker wants to put malicious code up on a website, which can then infect an end users computer and spread a virus. Other times an attacker uses an SQL Injection Attack to gain access to a database to steal credit card information. A large portion of these attacks are not targeted to a specific website/company, but are automated and target a large range of websites.

Another common form of attack is called a DDOS (Distributed Denial Of Service) attack. These types of attacks are when an attacker sends malicious code, or an abundance of requests which cause your website to overload. The end result is that your website does not function and crawls to a halt.

Some common methods you can use to protect your website:

• Have your web development company perform regular updates to your website

• Implement enterprise level application firewall technologies

• Secure the html forms on your website by using CAPTCHA or similar technologies

• Use a software security company to scan your website code regularly for vulnerabilities

References:

Symantec - Internet Security Report - http://www.symantec.com/resources/articles/article.jsp?aid=20100527_report_shows_no_slowdown_in_cyber_attacks