In the past decade, millions of people have used the Web to communicate and conduct business with their customers. This includes the use of web-based apps which collect and store information, including customer information submitted via content management systems, shopping carts inquiry or submit forms and login fields.
They are usually accessed via the Internet and are able to be hacked to exploit vulnerabilities in the application or its infrastructure. SQL injection attacks, which exploit weaknesses in databases, can compromise databases that store sensitive data. Attackers can leverage the foothold they gain from compromising your Web application to locate other systems that are more vulnerable in your network.
Cross Site Scripting (XSS) is a different Web attack type. It exploits weaknesses in web servers to inject malicious code into web pages. The script then executes within the victim’s web browser. This allows attackers to access private information, or redirect users to phishing websites. XSS attacks are most common on message boards, blogs and online forums.
Hackers join forces to overwhelm a website by sending more requests than the website can handle. This can cause a website’s performance to suffer or even shut down completely. This affects the ability to process requests, rendering it inaccessible to all. This is the reason DDoS attacks can be especially damaging for small businesses that rely on their websites for operations like local restaurants or bakeries.
