|
|
Rubrik: World-wide News/Products & News Companies Need to Wake up and Smell the Coffee When it Comes to Web Site Security Web Application Hackers are Focusing More and More on Attacks That Target Vulnerabilities in the Business Logic (
Anzeige
"With the new Data Protection Act penalties just days away from being implemented by the Information Commissioner's Office in the UK, and other regulators around the world adopting similar `get tough' policies, it looks like data breaches need to look beyond basic vulnerabilities such as SQL injections," said Shulman. "As we've said in our various reports on the subject of Web site attacks, it's always amazing that companies don't think their site defences will be probed by increasingly sophisticated hackers, let alone inquisitive Internet users," he added. According to Shulman, the Web site security lapse was almost certainly the result of a simple logic attack using a technique known as parameter enumeration. Organisations that fail to take seriously security for their Web sites and allied Internet services, he explained, will inevitably suffer from attacks of this type, which can be an expensive option on the regulatory front, as well as when lawsuits come knowing at their door. "And the fall-out from this saga is that the company has now been severely embarrassed internationally, and that's before any legal or regulatory action is involved," he said. "Companies need to wake up and smell the coffee when it comes to Web site security. A failure to make a modest investment at the development and implementation stages can result in considerably more cost - and damage to reputation - in the longer term," he added. (Imperva: ma) |
||
|
