Threats such as SQL injection and cross-site scripting (XSS) have plagued online business for years, only lately getting the notoriety they deserve, but for every threat that is publicized there are many more that never get the same attention. New vulnerabilities are discovered at an alarming rate: 394 new vulnerabilities were reported to the NIST National Vulnerability Database last month alone, and 140 of these were rated high severity. Given the rate at which vulnerabilities are discovered, frequent vulnerability scans with an up-to-date scanner are vital to ensure that your site remains protected at all times. In addition to running scans at least every quarter, it is strongly recommended to run a vulnerability scan after making any moderate or larger update to your site or infrastructure, to confirm that no new vulnerabilities have been introduced.
The damage hacking can cause can be difficult to quantify. The easiest costs to calculate are the lost revenue and the expenses incurred while the site is down and being repaired; these will vary depending on how much of your business is conducted online. How much would you lose if you could no longer accept credit cards online because a SQL injection leaked confidential data from your database? One of the most widely reported hacks cost Sony $170M a couple of years ago. More difficult to tabulate are the soft costs, such as future business lost to a fickle audience and damage to your brand's reputation. If your site is reported to contain malware or cross-site scripting vulnerabilities, modern browsers will warn customers away from it, and the report can negatively impact your search engine rankings (SEO), even to the extent of your site being quarantined from showing up in any search results.
How hackers choose their victims can be as varied as the attacks they use. Typically hackers are after your data, your bandwidth, or even just the thrill of gaining access. There are active markets for credit card numbers and email addresses. Hackers know that people often reuse passwords, and will use stolen passwords in conjunction with email addresses to access your customers' accounts on other sites. Once a hacker has access to your system they will install backdoor programs to allow them future access even after you patch the vulnerable software. From this point your server can be used in DoS/DDoS attacks or hacking attempts against other companies, who may seek reparations if the attacks are detected. The most dangerous hacker is one that has a grudge against your company. They will infiltrate your system with the goal of causing as much damage to your business as possible, destroying both your data and your reputation in the process.
By Sean Power
Security Operations Manager