Over the past decade many businesses and organizations have embraced the Web as a cheap way to communicate with customers and conduct business. This includes web-based applications that collect and store information. This includes information about customers that is submitted via content management systems and online shopping carts, inquiry forms or login fields.
These applications are often accessed via the Internet and are able to be hacked in order to exploit weaknesses within the application, or in its infrastructure. For instance, SQL injection attacks (which exploit weaknesses in the database) can result in compromised databases that hold sensitive information. Attackers can also exploit a foothold gained by breaching an Web application to discover and access other vulnerable systems on your network.
Other typical Web attack types include Cross Site Scripting attacks (XSS) that exploit vulnerabilities in the web server to inject malicious code into web pages, and it executes as an infected program in the victim’s browser. This allows attackers to gain access to sensitive information or send users to phishing sites. Web forums, message boards, and blogs are especially vulnerable to XSS attacks.
Distributed attacks on service (DDoS) are when hackers band together what antivirus software should i use to overwhelm a website with more requests than it can handle. This can cause the web page to lag or completely shut down in a way that hinders its ability to process requests, making it unusable for all users. DDoS attacks can be devastating to small-scale businesses, such as local bakeries or restaurants that rely on their websites to run.