Social network attacks top website target list
The information is based on reported web hacking incidents catalogued in the Web Hacking Incident Database (WHID), a project of the Web Application Security Consortium. Breach Security analyzed the web hacking incidents documented during the first half of the year and found that social networks are now the leading target for hackers, Ryan Barnett, director of application security research for Breach Security told SCMagazineUS.com on Monday.
“Social networking sites emerged as the most targeted vertical market, with 19 percent of the incidents, a dramatic increase from prior years when this sector was not represented, and displacing government/law enforcement from the number one spot in 2008,” the report states.
Jeremiah Grossman, chief technology officer of WhiteHat Security, and a contributor to Web Application Security Consortiums' WHID told SCMagazineUS.com on Monday that social networking sites are targeted so often because they have such large user-bases.
“If you can infect the [social networking] website you can get to a whole lot of users,” Grossman said.
The most prevalent attack vector against web applications is SQL injection, Barnett said. In addition, the most common driver for hacking is to deface websites by either planting malware on them or altering the content, with 28 percent of incidents falling into this category.
Often, SQL injection is used to place malware on websites so that when a user goes there they are infected, Grossman said. Attackers often drive victims to the infected sites through malicious links on social networking sites.
The best way for users to defend themselves against these attacks is using an updated web browser, because cybercriminals often target older version of browsers that are easy to hack, Grossman said.
After planting malware on websites, obtaining sensitive information was the second most common driver of web hacking incidents during the first half of the year, with 26 percent of incidents resulting in sensitive data leakage. Attackers also use SQL injection to break into back-end databases where sensitive data, such as credit card numbers, is stored. One-fifth of reported security breaches during the first half of the year were the result of SQL injection, according to the report.
In the future SQL injection will only become more prevalent as attackers are crafting ways to automate this technique, Barnett said.