Breaches Cast Critical Eye on Best Practices


The attacks that hijacked more than 130 million credit and debit cards were easily preventable. The TJX, Heartland, and Hannaford breaches used some of the most basic of hacker technologies and should never have gone the distance.

The loss of 130 million cards and damages in the billions, if not the hundreds of billions, of dollars were caused by SQL injections, sniffers, and backdoor malware. This was not overly complicated code written by world-class hackers; these were moderately difficult techniques that are employed on a constant basis.

Indeed, the Web Hacking Incident Database labels SQL injection as the most commonly exploited flaw in Web applications. Sniffers were deployed to capture credit card data and were used in concert with breaches of the database to collect the necessary information. Backdoor malware was used to transmit the data back to the hackers' servers. Once the initial breach was made, the hackers “installed” the sniffers and the malware to complete the process of collecting card information and sending it back.

What’s even more amazing is that the FBI and Secret Service sent out a warning describing the various ways hackers exploit known problems to capture card data. Security experts who looked at these three cases determined that the warning was almost an exact blueprint of each breach.

You may not have access to several million credit cards. Your web site might not be a financial institution. Your web site might have only a modest number of customers and be a relatively minor player in your industry. Regardless of what your site is, you owe it to your customers, your readership, and yourself to provide a secure environment. The tools for preventing SQL injection, XSS, malware distribution, and the like are available. Get educated and get secure.
