Web Security: Know Your Enemy

Jamie Riden, Ryan McGeehan, Brian Engert, and Michael Mueter recently released a depressing whitepaper on the prevalence of web attacks titled "Know Your Enemy". They're members of the New Zealand, Chicago, Chicago, and German Honeynet Projects, respectively. "Honeypots" or "honeynets" are computer systems set up as traps for attackers. In their study, they observed roughly 20 attack attempts each day(!) on each server. Some attackers hid behind proxy servers (including Google Translate). Some used "onion routing" to disguise their origin. The goal of the attacks included sending spam, blog comment spam, web site defacement, bandwidth and disk theft, botnet recruitment, and phishing. One phishing attacker attempted to place a convincing copy of Google's Orkut on the server, hoping to use the hardware to phish Google logins:

Now, you're probably not running any of the specific open source apps discussed in this paper on your exposed servers, so you may not face the exact exploits described. Regardless, hardening an e-commerce web site is hard, and too many web retailers underestimate the risk of attack. The threat is real and increasing. Web security isn't just an IT issue -- security should be an active concern for marketing and senior management. Know Your Enemy: a good introduction to a critical topic.
Join the Discussion