Website security and 3 most common forms of web attacks

The Industrial Revolution 4.0 is happening rapidly with the strong development of cyberspace. The combination of virtual and real systems has changed the way people work, thereby creating a "revolution" to promote socio-economic development. In addition to the undeniable great benefits, the global connection with borderless characteristics also poses many great challenges to the security and order of countries in the world, making the security Networking has become a global problem.

Notably, in 2020, it was discovered that the network information system of the Austrian Foreign Ministry, Ravn Alaska Airlines (USA), Spain's SER Radio, ... had to stop working due to a code attack. malware and denial of service (DDoS) attacks. A database of 6,000 US employees working at aerospace and defense contractor Boeing and documents from carriers AT&T, Verizon and T-Mobile were stolen. 267 million Facebook accounts were stolen and stored on hackers' servers. 890 GB of data including browsing history, personally identifiable information of about 1 million users in 11 countries including: Congo, Bolivia, Colombia, Venezuela.... was exposed because the database server was not encrypted.

Over the past years, Vietnam has had many policies to promote the application and development of IT for socio-economic development. The digital economy was formed and developed rapidly, and more and more new forms of cross-border business and services appeared, based on the Internet. However, besides the advantages, Vietnam is also facing many challenges to national security and social order and safety from cyberspace.

For example, in 2020, the Department of Cybersecurity and High-Tech Crime Prevention (ANM&PCTPCNC) discovered that over 2,600 Vietnamese websites/ portals (with domain name “.vn”) were hacked by hackers. attack, change the interface or insert files (up 28% over the same period last year). Notably, taking advantage of the complicated developments of the COVID-19 epidemic, hacker groups have increased their cyber attacks by exploiting security holes in online meeting applications, spreading malicious code via email messages that can be used in online meetings. content related to epidemic prevention and control.

The top 5 online threats in Southeast Asia include: Malware hidden in websites - very easy to encounter when users access infected web browsers or online advertisements; Malicious code in files/programs accidentally downloaded by users from the internet; malicious attachments from online emails; Malware hidden in browser extensions; and Files that contain malicious code or are controlled by C&C (command-and-control) methods from the hacker's server.

However, this is not entirely negative. Because these forms of website attacks have made businesses more aware of increasing security vigilance. And spurred the advent of many modern technological solutions to help solve this problem.

1. SQL injection web attack

SQL injection (SQL) is a technique that allows attackers to use vulnerabilities in a website's input channels. Targets the web application's database, where the most valuable information is stored. Attackers can take advantage of this to steal important data.

It helps the attacker to perform operations such as delete, insert, update, ... on the application's database.

Structured Query Language (SQL) is a popular type of computer language for creating, editing, and retrieving data from a relational database management system. Databases using SQL include MS SQL Server, MySQL, Oracle, Access... of course, these databases are also not immune to SQLi attacks. Anti-virus programs cannot guarantee 100% protection against SQLi attacks.

To prevent SQL Injection attacks, users should regularly update and patch all servers, services and applications, followed by exporting and using source code.

2. Attack website with XSS

Cross-Site Scripting (XSS) is one of the most popular attack techniques today, it is listed among the most sophisticated tricks for web applications.

XSS is a security bug that allows an Attacker/Hacker to insert malicious scripts into the source code of a web application. It then runs in the user's browser and can change or steal information on the site.

The consequences of what the attacker causes will not be easy to see, especially when browsers run JavaScript under strict control and it has limited access to the operating system, the user's files.

To identify a hacked server, we can look at JavaScript permissions:

Malicious JavaScript has access to cookies. Cookies are commonly used to store tokens, if an attacker obtains a user's cookie, they can impersonate that person.

JavaScript can read and make arbitrary edits to the browser's DOM (in the running JavaScript page).

JavaScript can use XMLHttpRequest to send HTTP requests with arbitrary content to different destinations.

JavaScript in modern browsers can take advantage of HTML5 APIs to access geolocation, webcam, microphone, and even specific files from the user's file system. While most of these APIs require user consent, XSS combined with some clever social engineering will give attackers much more advantage.

Be wary of this form of web attack and also social engineering. If you combine the two types above, hackers will steal cookies, keylogging, etc.

3. DDoS attack website with huge amount of requests

If you can't access your website or notice a large amount of traffic is pouring into your website. That means you are becoming the subject of a DDoS attack.

DDoS (Distributed Denial of Service) attack is a form of website attack to bring down a server with a huge number of requests. You can imagine a Flash Sale where millions of customers rush to buy goods at the same time, DDoS attack is similar. This causes the website to lag and freeze. Thus, when the website is hacked in this form, customers will not be able to access the web, resulting in them being unable to interact, purchase or find any information they need.

The phenomenon of DDoS attacks on web servers today has become a very serious problem. Besides causing negative effects to the website, it also leaves heavy consequences for businesses in terms of revenue, profit and reputation. Therefore, this is a topic of interest to many users and businesses.

And how to keep your website safe and secure, let's find out in the next section!

To prevent forms of attacks on the website, many businesses have implemented many manual measures such as:

• The administrators raise the security consciousness for the site.
• Configure security for the website, check the website source code periodically.
• Minimize the installation of strange plugins (for wordpress).
• Regular backups. Backup data daily, weekly or monthly. However, those are just additional methods that come with it.

In which the simplest, most effective and cost-effective solution must be mentioned is VNIS Cloud WAF - a service provider solution website security in accordance with the needs of each customer. There is a team of experienced professionals who can help you solve problems quickly, accurately and save time.

You can't be sure that your website is safe if the website vulnerabilities is not properly protected.

• Cloud WAF VNIS as a layer of intelligent firewall protection defends the outside of your website.
• Anti DDoS layers 3, 4, 7.
• It can filter all traffic sent to the website, then analyze and evaluate the most quickly and accurately without affecting website speed when returning query results to legitimate users. France.
• Against Botnet, SQL, injection attacks.
• Always monitor and analyze the network environment to assess new threats and keep the database constantly updated.