Data security is becoming one of the most critical aspects of the current world. Data itself is becoming more valuable, hence the constant need to improve its protection.
Also, our users are becoming risk-aware and are seeking solutions that would make them feel safe in the e-world. They also need to understand the complexity of security aspects, which is why it is our moral obligation as product owners, engineers, CEOs, and CTOs to give them sufficient knowledge about the security of our products in case of cyber-attacks or cyber-threats in general.
What are cyber-attacks and cyber-threats?
First, we should understand what a cyber-attack or cyber threat actually is.
It is defined as a deliberate exploitation of technology. Or, in more understandable words, it’s an attack (or a threat) from a person or a group using technology aimed at a specific computer or group of computers (or mobile devices or IoT devices).
Those attacks or threats often use malicious code to modify computer systems (like PC/mobile/IoT devices) to gain unauthorized access to personal data and exploit the victims of the attack, amounting to identity theft in extreme cases.
I’ve divided this article into two parts - in the first one, we will just focus on the types of threats, and in the second one, I’ll dwell more on the ways to prevent them from happening.
The types of cyber-attacks
Let’s also take a look at the most common types of cyber attacks out there, together with a simple definition taken from different sources:
- Malware
Malware is any software intentionally designed to disrupt a computer, server, client, or computer network, leak private information, gain unauthorized access to information or systems, deprive access to information, or unknowingly interfere with the user's computer security and privacy.
- Phishing
Phishing is a type of social engineering where an attacker sends a fraudulent (e.g., spoofed, fake, or otherwise deceptive) message designed to trick a person into revealing sensitive information to the attacker or deploying malicious software on the victim's infrastructure, like ransomware.
- Man-in-the-middle attack (MITM)
This is a cyberattack where the attacker secretly relays and possibly alters the communications between two parties who believe that they are directly communicating with each other, as the attacker has inserted themselves between the two parties.
- Distributed Denial-of-Service (DDoS) attack
In computing, a denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting the services of a host connected to a network.
Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests to overload systems and prevent some or all legitimate requests from being fulfilled.
- SQL injection
In computing, SQL injection is a code injection technique used to attack data-driven applications in which malicious SQL statements are inserted into an entry field for execution (e.g., to dump the database contents to the attacker).
- Zero-day exploit
A zero-day (also known as a 0-day) is a computer-software vulnerability previously unknown to those who should be interested in its mitigation, like the vendor of the target software.
Until the vulnerability is mitigated, hackers can exploit it to adversely affect programs, data, additional computers, or a network.
- DNS tunneling
DNS tunneling involves abuse of the underlying DNS protocol. Instead of using DNS requests and replies to perform legitimate IP address lookups, the malware uses them to implement a command and control channel with its handler.
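From the defender's side, DNS used as a data channel tends to show up as many distinct, long, random-looking subdomains under a single domain. The sketch below is an added example (not part of the original article) of that detection heuristic; the thresholds, the two-label domain split and all query names are assumptions constructed for illustration.

```python
import math
from collections import Counter, defaultdict

def shannon_entropy(text):
    """Bits per character of the string's character distribution."""
    counts = Counter(text)
    return -sum(n / len(text) * math.log2(n / len(text)) for n in counts.values())

def split_name(qname):
    # Assumption: the last two labels are the registered domain. Real
    # deployments should consult the Public Suffix List instead.
    labels = qname.rstrip(".").lower().split(".")
    return ".".join(labels[:-2]), ".".join(labels[-2:])

def suspicious_domains(qnames, min_unique=4, min_len=30, min_entropy=3.5):
    """Base domains queried with many distinct long, random-looking subdomains.

    Thresholds are illustrative assumptions; tune them on your own traffic.
    """
    hits = defaultdict(set)
    for qname in qnames:
        sub, base = split_name(qname)
        if len(sub) >= min_len and shannon_entropy(sub) >= min_entropy:
            hits[base].add(sub)
    return sorted(base for base, subs in hits.items() if len(subs) >= min_unique)

# Constructed sample data: ordinary lookups, one long CDN-style name, and
# five queries whose subdomain is a rotated 32-character alphabet standing
# in for encoded data sent to a made-up domain.
ALPHABET = "abcdefghijklmnopqrstuvwxyz234567"
SAMPLE_QUERIES = [
    "www.example.com",
    "mail.example.com",
    "api.example.org",
    "0123456789abcdef0123456789abcdef.assets.example.net",
] + [
    ALPHABET[i:] + ALPHABET[:i] + ".tunnel-demo.example" for i in range(0, 25, 5)
]

if __name__ == "__main__":
    print(suspicious_domains(SAMPLE_QUERIES))
```

The single long CDN-style name is not flagged because only one such subdomain is seen for its domain; requiring several distinct ones is what keeps ordinary hashed asset names from raising alerts.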
- Business Email Compromise (BEC)
Business Email Compromise (BEC) is a scam targeting companies conducting wire transfers and having suppliers abroad.
Corporate or publicly available email accounts of executives or high-level employees related to finance or involved with wire transfer payments are either spoofed or compromised through keyloggers or phishing attacks to do fraudulent transfers, resulting in hundreds of thousands of dollars in losses.
- Cryptojacking
Cryptojacking is a cybercrime in which another party's computing resources are hijacked to mine cryptocurrency.
Cryptojacking, also referred to as malicious crypto mining, lets hackers mine cryptocurrency without paying for electricity, hardware, and other mining resources.
- Drive-by Attack
Drive-by downloads are a standard method of spreading malware. Cybercriminals look for insecure websites and plant a malicious script into HTTP or PHP code on one of the pages. This script may install malware directly onto the computer of someone who visits the site, or it may take the form of an IFRAME that redirects the victim to an area controlled by the cybercriminals.
In many cases, the script is obfuscated to make it more difficult for security researchers to analyze the code.
- Cross-site scripting (XSS) attacks
Cross-site scripting (XSS) is a type of security vulnerability in some web applications. XSS attacks enable attackers to inject client-side scripts into web pages viewed by other users.
Attackers may use a cross-site scripting vulnerability to bypass access controls like the same-origin policy. Cross-site scripting on websites accounted for roughly 84% of all security vulnerabilities documented by Symantec until 2007.
- Password Attack
It is a type of cyber-attack where an attacker tries to crack a user’s password. Some techniques to do so include the Brute-Force attack, Dictionary attack, Rainbow Table attack, Credential Stuffing, Password Spraying, and the Keylogger attack.
Naturally, attackers will often try phishing techniques to obtain a user’s password.
- Eavesdropping attacks
An eavesdropping attack, also known as a sniffing or snooping attack, is a theft of information as it is transmitted over a network by a computer, smartphone, or another connected device. The attack takes advantage of unsecured network communications to access data as it is being sent or received by its user.
- IoT-Based Attacks
IoT attacks are cyber-attacks that gain access to users' sensitive data with the help of any IoT device. Attackers usually install malware on the device, harm the device, or gain access to further personal data of the company.
This list will give you a general idea and understanding of what can happen to your website or product and your users. In the following article, we will look at ways to help us prevent them from happening.