Types and Tips for Online Security Threats

Posted on

  • email
  • twitter
  • facebook
  • share this

share this

By Americaneagle.com Chief Technology Officer, Ryan McElrath

There are many common threats against websites today. According to the National Cyber Security Alliance (NCSA) and McAfee, close to one in five Americans report being victimized by a crime that was committed over the Internet. Whether it is a social media website such as Facebook or Twitter, an e-commerce website or a company website, every online platform is vulnerable to security attacks. It’s incumbent upon you to be aware of these types of attacks and make sure you and your hosting company are prepared to handle them. 

While online threats are always evolving, there are a few in particular that are currently popular among hackers:

1. There are Web application attacks where hackers exploit vulnerabilities within the website code or Web server security. Common techniques for this include SQL Injection and Cross-site Scripting. A hacker may use an attack like this to extract sensitive information (like credit card data) or post malware, which is then downloaded by unknowing end users of the site.

2. There are distributed denial of service (DDoS) attacks where hackers attempt to take a website offline by overwhelming it with traffic rather than trying to gain access to sensitive data. Botnets of potentially thousands (and thousands) of infected computers spread out around the world are typically used to launch these types of attacks that can last for multiple hours or even days. Outages caused by DDoS attacks can result in heavy financial loss, as well as significant damage to a company’s reputation. 

3. There are also social engineering attacks where hackers trick humans into giving them privileged information over the phone or via email, which is then used to log into unauthorized systems. Phishing is an example of this – this is when a hacker sends an email that appears to be legitimate and tricks the email recipient into typing his or her login/password into a website that resembles the real site. The hacker then uses that login/password to gain access to the real website.

Within the last several years, Sony, LinkedIn, Zappos, Yahoo, the South Carolina Department of Revenue and several major universities have all been victims of security breaches that exposed the personal data of millions of people. Meanwhile, large-scale DDoS attacks have knocked a number of high-profile websites offline, including Bank of America, JP Morgan Chase, MasterCard, NASDAQ, the FBI and the CIA.

With each of these types of security attacks, companies need to be aware that no matter how large or small they are, hackers are constantly looking for weaknesses within websites. 

Below are a few simple tips on how to reduce the risk of the most common threats that will pay tenfold in the long run: 

1. Using a Web application firewall (WAF) is a very effective way to help defend your website against application attacks that attempt to extract sensitive data from your site. A Web application firewall sits in front of your website and filters all requests, blocking requests that match the pattern of common attacks such as SQL Injection and Cross-site Scripting. Imperva’s Cloud WAF is an affordable software-as-a-service (SaaS) product for small to mid-enterprise businesses that offers the highest levels of website security without requiring a large equipment investment.

2. A common misconception about distributed denial of service (DDoS) attacks is the idea that your Web hosting provider will be able to stop any attack against your website with the firewalls within their data center. The reality is that these attacks continue to increase with intensity and regularly overrun even the most powerful of firewalls, causing outages for your website. The best defense against these types of attacks is to have protection through a DDoS mitigation provider that can filter requests through their scrubbing centers before the attack reaches your site’s infrastructure. These scrubbing centers allow legitimate traffic to continue through to your website while stopping the attack traffic that is attempting to knock your website offline. 

3. Organizations can better protect themselves against social engineering attacks by training employees on security issues and going over specific methods that hackers may use to trick them into giving up personal information. For example, some common techniques used by hackers include acting like an internal employee or pretending that they’re conducting a survey as a way to justify the types of questions they’re asking. It’s important for employees to know that if they’re suspicious of a call or email, to ask their manager before releasing the information.

Organizations should create an incident response procedure to be used in the event that your website’s security is breached. As part of the procedure, your organization should notify the necessary authorities regarding the attack. This includes your local FBI office as well as the major credit card associations if card data is exposed during the attack.

About the Author: Ryan McElrath is the chief technology officer of Americaneagle.com, which is a Web design and hosting company based in Park Ridge, Illinois. Some of their 5,000-plus clients include Hobby Lobby, New York Giants, NASCAR, Stuart Weitzman, Garrett Popcorn, Chicago Bears, Abbott Laboratories and the U.S. Army. 


Login To Comment

Become a Member

Not already a part of our community? Sign up to participate in the discussion. It's free and quick.

Sign Up


Web Design Firm 03-12-2013 7:17 AM

Ryan thank you for the great attack descriptions and the solutions to deal with them.

Security Direct 12-03-2013 3:43 AM

These tips are very valuable I'll follow them to make more security of my website online.

Compuchenna 01-23-2014 12:30 PM

The internet is increasing in popularity every day, so it's expected that criminals would take to the internet to carry out their deeds. I think people should be aware of the risks of buying online and using social media platforms, to an extent, at least. As it will go a long way.

beaded medical alert bracelets 07-21-2014 3:30 PM

This is very educational content written well for a change. It's nice to see that some people still understand how to write a quality post.!

fashion medical alert bracelets 07-21-2014 3:33 PM

Positive site, where did u come up the information on this posting? I'm pleased I discovered it though, ill be checking back soon to find out what additional posts you include.

seo blog uk 11-29-2014 10:23 PM

I really admired reading your website. It had been fine authored and simple to know. In contrast to further blogs I actually have read that are extremely not that good. I also found your posts terribly attention-grabbing. If truth be told after reading, I had to go show it to my friend and he enjoyed it as well.

www.amazon.com 03-08-2015 3:47 AM

It will be ideal to say that you accompanied great elegantly composed articles.

www.facebook.com/pages/Studentenjobs-Hannover/430401060452734 05-15-2015 4:22 PM

Wish I had discovered this web journal some time recently.Much thanks to you for posting this. I simply discovered this web journal and have high trusts in it to proceed.

How to spy on someones whatsapp 05-17-2015 4:15 AM

Great article is worth everyone to learn! We will be keeping it up and have spare time out to see. I think it is fundamental.

warframe platinum hack direct download 05-17-2015 11:53 AM

Intriguing post and I truly like your thoughts on the issue. I now Have a reasonable thought on what this matter is about. Much obliged to you to such an extent.

free xbox live 05-22-2015 5:01 PM

I simply unearthed your website and needed to say that I have truly delighted in perusing your blog entries.

Beneficios del Colágeno hidrolizado 05-25-2015 10:18 AM

It's generally decent when you can be educated, as well as entertained! I'm certain you had a great time composing this article.

startups 05-26-2015 6:05 AM

It is very helpful for me. be thankful you for this post. Thats all I are able to mention.

casting model 06-02-2015 2:34 AM

Simply discovered your website and was quickly astonished with all the valuable data that is on it.

Wallpapers 06-03-2015 1:19 AM

I'll make a point to catch up on your online journal later on. I am not certain from where you're getting your data, but rather okay theme picked by you.

OliviaPhigh pr backlinks 06-04-2015 1:08 AM

This is a wonderful article, Given so much info in it, These type of articles keeps the users interest in the website, and keep on sharing more ... good luck.

ecole de theatre paris 06-04-2015 3:07 AM

This is also a very good post which I really enjoyed reading. It is not everyday that I have the possibility to see something like this.

Phigh pr backlinks 06-04-2015 3:08 AM

This is also a very good post which I really enjoyed reading. It is not everyday that I have the possibility to see something like this.

Google for work is not integrated with RC 06-09-2015 10:40 AM

This is an exceptionally elegantly composed article. I'll make a point to bookmark it and return to peruse a greater amount of your valuable data. Much obliged for the post.

http://www.techweirdo.com 06-10-2015 5:37 AM

I doubtlessly appreciated all aspects of it and i likewise have you book stamped to look at new things on your site.

OliviaP 06-15-2015 1:53 AM

Thank you for the efforts you made in writing this post. I am hoping I'll see more great things from you.

first republic home warranty old republic home warranty total protect home warranty 06-15-2015 7:14 AM

This is a wonderful article, Gives so much info in it

Nurse T Shirts 06-20-2015 4:46 AM

I might want to say thank for sharing this extraordinary article. We can't get this sort of information.Your site is exceptionally loquacious.

TimH 07-10-2015 9:02 PM

nice post very informative

COLAGENO Hidrolizado 08-13-2015 6:11 PM

Great post the threats are real and we have to be really careful about them, hope the internet gets more posts like this it helps to the protection of the ones that don't know that the internet could be a dangerous place to be.

Private Label Manufacturing 08-15-2015 9:08 PM

Supplements can help your dreams of having your own product come alive. Intermountain Supplements offers a wide variety of custom formulation services including liquids, capsules, sprays, powders, and more.

Add to the discussion!

999 E Touhy Ave
Des Plaines, IL 60018

Toll Free: 1.800.817.1518
International: 1.773.628.2779
Fax: 1.773.272.0920
Email: info@websitemagazine.com