Major web attacks in 2020
Web application attacks are the single most prevalent and devastating security threat facing organizations today. Attacks such as SQL injection and Cross-Site Scripting (XSS) are responsible for some of the largest security breaches in history, including the top three credit card breaches between 2005 and 2010. At one retailer, hackers used SQL injection to compromise servers and steal 45 million records, costing the organization an estimated $256 million.
Web attacks are growing in number, with 100% of organizations in a broad survey reporting that they had recently suffered a web attack.[1] The same survey found that web attacks are also the most detrimental type of attack: they cost organizations over 100 times more than malware and 50 times more than viruses, worms and trojans annually.
Web Attacks Are Targeted
Web applications are easily accessible to hackers. They are also a lucrative attack target because they often store valuable data such as credit card numbers, personally identifiable information (PII) and financial data.
Web Attacks Are Often Successful
Most Web applications – over 80% – have had high, critical, or urgent vulnerabilities. This is due in part to the lack of effort applied to secure coding; most developers are motivated to write code quickly or create new functionality rather than to develop secure applications.
Cyberattacks on web applications are increasingly common. As more and more governments and businesses move their services online, web applications become an easy target for cybercriminals. Web attacks are one of the biggest threats to corporate security and data security. They can lead to a wide range of devastating consequences from service disruptions and shutdowns to information theft and data manipulation.
Ever been overwhelmed by all those complicated cybersecurity terms shown on the news, and head to Wikipedia only to get more confused? Here we are explaining in the simplest way some of the most common cyberattacks aimed at web applications.
What is a web application?
A web application is an application program that is installed on a remote server and delivered through the internet, with the website being the user interface. Think about email, social media, and e-commerce sites – you are basically using these applications on the web without needing to install them locally on your computer.
Simply put, if your interaction with a website involves the request of data, it is likely a web application. For example, most web forms are web applications; when you enter your information in a login form and click the “login” button, you are sending a request to the server to retrieve your data and display it in the user interface.
5 major web attacks in 2020
1. Cross-Site Scripting (XSS)
Involved in about 40 percent of web attack attempts last year, this remains the most common attack technique we see. XSS typically involves inducing a website to execute arbitrary or malicious script code an attacker uploaded, usually because the site fails to properly sanitize user-submitted inputs. If another visitor loads the malicious or compromised web page, their browser may execute the malicious code, infecting the victim. Most XSS attacks are not particularly sophisticated, and we see a lot of attacks come from so-called script kiddies, who are inexperienced attackers using scripts and tools others wrote.
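The "fails to properly sanitize user-submitted inputs" failure above, shown as an added example that is not part of the original article: the vulnerable rendering concatenates a visitor's comment straight into the page, while the hardened version encodes it for the HTML context at output time. The comment text is constructed for the example.

```python
import html

# Constructed sample: a comment body as submitted by a visitor (not real data).
# A harmless browser script is embedded to show what the raw rendering does with tags.
SAMPLE_COMMENT = 'Nice post! <script>document.title="changed"</script>'


def render_comment_unsafe(comment: str) -> str:
    """Vulnerable: the submitted text is pasted into the HTML unchanged, so any
    tags it contains become part of the page and run in every visitor's browser."""
    return '<li class="comment">' + comment + '</li>'


def render_comment_safe(comment: str) -> str:
    """Hardened: encode for the HTML element-content context when the page is
    built. The browser shows the characters literally instead of parsing markup."""
    return '<li class="comment">' + html.escape(comment, quote=False) + '</li>'


def render_attribute_safe(value: str) -> str:
    """Attribute context needs the quote characters encoded as well; otherwise a
    value containing a double quote could end the attribute early."""
    return '<input type="text" name="q" value="' + html.escape(value, quote=True) + '">'


if __name__ == "__main__":
    print("unsafe:", render_comment_unsafe(SAMPLE_COMMENT))
    print("safe:  ", render_comment_safe(SAMPLE_COMMENT))
    print("attr:  ", render_attribute_safe('search "term"'))
```

Encoding belongs at the point of output, chosen for the context (element body, attribute, URL, JavaScript string); a single input filter cannot know which context the value will land in.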
2. Path Traversal
These web attacks were used in about 7 percent of cases we examined. They attempt to access unauthorized files or directories outside the web root folder by injecting patterns such as “../” to move up in the server directory hierarchy. Successful path traversal can allow attackers to improperly access site or user credentials, configuration files, databases or other sites co-located on the same physical machine. As with XSS and SQLi, successful path traversal attacks usually result from inadequate input sanitization and are often combined with other attacks, such as local file inclusion, to steal the targeted data or credentials.
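One way a file-serving handler can refuse the “../” climb described above, as an added example that is not code from the original article: the requested path is decoded, joined to the web root, canonicalized, and then accepted only if the result still lies beneath the root. The web root directory is an assumption for the example.

```python
import os
from urllib.parse import unquote

# Assumed web root for this example; the real server's document root would go here.
WEB_ROOT = "/var/www/html"


def resolve_under_root(requested: str, root: str = WEB_ROOT):
    """Map a URL path from a request onto a filesystem path, refusing anything
    that would escape `root`. Returns the absolute path, or None when rejected."""
    # Decode percent-encoding once, so "%2e%2e%2f" is seen as "../" before the check.
    path = unquote(requested)
    # A NUL byte can truncate the path in lower-level C APIs; refuse it outright.
    if "\x00" in path:
        return None
    # Drop a leading slash so the request is joined relative to the root rather
    # than being treated as an absolute path that replaces it.
    path = path.lstrip("/")
    root_real = os.path.realpath(root)
    candidate = os.path.realpath(os.path.join(root_real, path))
    # realpath() collapses every "../" and follows symlinks; the request is only
    # acceptable if the result is the root itself or something beneath it.
    if candidate != root_real and not candidate.startswith(root_real + os.sep):
        return None
    return candidate


def is_allowed(requested: str) -> bool:
    """Convenience check used by the demo and tests."""
    return resolve_under_root(requested) is not None


if __name__ == "__main__":
    for req in ["images/logo.png", "../../etc/passwd", "%2e%2e/%2e%2e/etc/passwd",
                "/images/../../../etc/passwd", "images/../index.html"]:
        print(f"{req!r:40} -> {resolve_under_root(req)}")
```

Comparing canonical paths is more robust than searching the input for “../”, because the same climb can be written with encoded dots, mixed separators, or a symlink inside the root.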
3. Zero-day attack
A zero-day attack exploits publicized (or sometimes known through other means) software flaws before they are patched with software updates. Wondering how it got its name? Well, if the day of the software update is seen as “day one”, then an attack that comes before the update is said to occur on “day zero”, making it a zero-day attack. Since these attacks target flaws that do not yet have a fix, they can be difficult to deal with in the short run. Think of it as a new virus without any vaccine or treatment.
Many zero-day attacks target Microsoft Windows right after a software update is released, leaving those who do not update immediately wide open to the attacks. The next time you get notified of a software update, think twice before you click that “postpone” button!
4. SQL Injection (SQLi)
At about 24 percent of web attack attempts, this was the second most common attack technique we witnessed. The most common form of SQLi occurs when an attacker enters malicious SQL code into a field on a web page and the server-side code submits it to the database without properly sanitizing it first. A successful SQLi attack can delete or change sensitive data or reveal it to the attacker.
5. Distributed Denial of Service (DDoS)
These accounted for about 3 percent of attacks we examined. DDoS involves commanding numerous computers, typically compromised computers in a botnet, to bombard a targeted web server with requests, overloading its resources and rendering it unavailable to legitimate visitors. While DDoS alone does not provide an attacker with improper access to any resources, in 2017 we saw a trend of attackers increasingly using DDoS alongside other attacks to distract automated defense systems from responding to an issue.