Definition – What does Hacking mean?
A hack (or hacking) occurs when someone gains unauthorised access to a part of your webserver with write access. This can be through code, stolen passwords, or through someone else’s site on a shared server. Defacement is one result of a hack – just because you have fixed the defacement doesn’t mean you have fixed the actual hack. Almost all attacks are automated or begin in an automated fashion. Automated scans use databases of known exploits and techniques against websites. It is critical to always have the latest stable version of your software installed.
There are normally at least 4 phases in an attack
• Automated scans to identify vulnerabilities in websites using “signatures” of known exploits
• Exploiting the vulnerability
• Attack detection
• Containment and fix.
• Automated scans to identify vulnerabilities in websites using “signatures” of known exploits
• Exploiting the vulnerability
• Attack detection
• Containment and fix.
There are no hard rules about the time periods between these phases but they could be separated by minutes, by weeks, or by months. Unless the site is defaced or you have security procedures in place, detection can be anything from weeks to months by which time the trail has gone cold. The time taken between detection and fix is also variable since a lot of small companies may not have the resources to implement a fix or they may feel it is not cost effective for them to do so. In over 85% of cases, the security breach or hacking is not discovered internally and the website owner is notified about it from an external source such as Google, their users, listed on notification websites, or some other means. According to recent reports, during 2010, the average website has 230 serious vulnerabilities. The Imperva ADC report from July 2011 estimates that “websites experience an average of 27 attacks per hour or about once every two minutes”. Since these probes and attacks are automated similar to a search engine spider all websites are targets from the largest online retailer to a small little used personal site. Over 40% of attacks can be carried out with little or no technical knowledge on behalf of the hacker. Tools, instructions, and checklists are readily available to those who have the motivation and basic skills in using a search engine. About 50% of the attacks need moderate skills only.
Comments
Post a Comment