A distributed denial-of-service (DDoS) attack disrupts regular web traffic by flooding the server or network with requests in an attempt to overwhelm the system and shut out its intended users. The party carrying out the attack typically sets up a network of automated systems, also called a botnet, by infecting a group of computers with malware. These malicious botnets can consist of nearly any internet-capable device, including Internet of Things (IoT) devices, as long as they can send repeated requests to a specific target.
Injection attacks occur when a web application accepts input from a user and treats it as part of a command or query, causing the application to return sensitive data. These attacks can happen when a hacker enters information into an online form and the form does not validate the format of the input. For instance, a hacker can carry out SQL injection by entering his or her malicious SQL query into an unsecured web form. When the server receives the form data, if it executes the input against the database without validation, it can return the results of the malicious query to the attacker’s browser, or in some extreme cases even delete or update the database.
In some cases, the hacking threats don’t come from outside actors, but from within the enterprise. Many incidents stem from the actions of employees or closely related parties such as customers, vendors, and suppliers. Another aspect of this is social engineering, where criminals manipulate employees into willingly handing over vital information such as passwords. The most common form of social engineering is phishing: using emails or web forms to solicit personal information by posing as a trusted third party. Whether these incidents are the result of accidental oversight or deliberate sabotage, IT professionals have seen that they need to take stronger measures to mitigate internal security breaches.
The term malware (short for malicious software) covers a wide range of tools used in cyber attacks. These tools include viruses that can replicate in an out-of-control fashion and cripple a system, spyware that tracks and records keystroke entries, and ransomware that can shut down a system and demand that the user pay to remove the offending software. Most of the time, these are accidentally downloaded by employees because they’re embedded in files that appear legitimate. You’ll want to ensure your organization uses reliable antivirus software and keeps systems updated with the latest security patches.
Even the most sophisticated online security tools won’t deliver the protection they promise if those tools are not configured correctly. Many companies report misconfigurations as the most common type of security vulnerability. These misconfigurations can occur when the system uses the default security settings, rather than using settings that offer better protection. For example, you should edit error messages so that they don’t reveal potential flaws in a security system.
Cross-site scripting (XSS) is a type of attack in which hackers inject malicious client-side scripts into legitimate websites so that users’ browsers execute the code when the site loads. Unlike many other injection-type attacks, XSS doesn’t target the web application, but the users themselves. Attacks can steal the victim’s data using keylogging or phishing techniques. The code can also retrieve a user’s session cookies, allowing hackers to bypass login and impersonate the victim. While the victims are users, these types of attacks can destroy a company’s reputation in the long run.
An XML external entity (XXE) attack targets web applications that parse XML input. An XXE attack occurs when a weakly configured XML parser receives malicious XML input without proper validation. An XXE attack is similar to SQL injection, in that the attack embeds its own code in the hope that the system will execute it without validating it first. These attacks can take the form of DDoS attacks or server-side request forgeries (SSRF), in which the XML parser reveals sensitive data from a secured location.
Advances in cyber attacks have produced an alarming number of threats for enterprises across the board. And since having a digital presence across various channels is becoming the norm, it's now more imperative for brands to have a platform in place that not only supports the delivery of their digital customer experience but also protects them from harmful cyber threats that can potentially damage their reputation.
Al Arabiya is the most visited news site in the Middle East. Their site amasses over 70 million page views a month and sees up to 20,000 concurrent visitors at any one time. Their previous platform, however, was susceptible to politically motivated hacking and DDoS attacks daily.