Automation can be a web hosts’ best friend in a lot of ways, but unfortunately, it can also be an attackers’ best friend. According to a new report by FireHost, automation is increasingly helpful for attackers to simplify complex attacks.
“As things are becoming more and more automated, as we’re seeing attackers automate what once were complex attacks, and we’re seeing the tools being used more frequently by people that don’t necessarily know what they are doing with them,” Greg Tatum, FireHost security operations center manager says.
On Tuesday, FireHost released its Q3 report that analyzes trends around attempted cyberattacks that target enterprise web applications. FireHost found that cross-site scripting and SQL injection activity is increasingly targeting applications that carry sensitive information about organizations and their customers.
“Attackers are targeting enterprises, not necessarily the large websites that they have in the past; they still do target Amazon and eBay and those types of sites, but it’s becoming more and more focused as the attackers are narrowing down the resources they’re looking for: credit card data, personal health information, stuff like that,” Tatum says. “We’re seeing a lot more of those attacks occurring at least on our environment.”
Jeremiah Grossman, founder and CTO of WhiteHat, says that at this point, when it comes to data stored and shared online, it’s not a matter of whether or not it will be compromised, it’s more a matter of when.
“There are a lot of vulnerabilities out there and these vulnerabilities are open for an exceedingly long period of time,” Grossman says. “As we do more on the web there’s more to steal, more to profit from, so it’s really no big shock that the bad guys are increasing their activities in this area.”
“As an everyday user you’re going to be online banking, buying things online, and doing a lot of things online so you’re going to have to get comfortable with the risk that your data is going to get compromised,” he says. “If there is some piece of data that you don’t want anyone to know, that you don’t want compromised, don’t put it online. “
Tatum says FireHost takes its findings from the report and applies it to its Intelligence Security Model. Basically, it applies what it has found across its customer base to keep each customer protected from vulnerabilities.