Website Security: Is It Important?
If you are not sure how to answer this question, or if you are of the belief that your site does not fall under this category as your company is not a large corporation, you are wrong. Small websites are commonly hacked for use of resources. A good portion of all hacked sites are not hacked by individuals; but rather, the greatest risk to all websites is the result of automated malware. Sucuri, a website security team, posted an excellent article that defines why websites get hacked.
Hacking: Ethical vs Criminal
When it comes to website security, there are two types of “hackers”. An ethical hacker is someone who does not break the law. A criminal hacker is someone who breaks the law.
- Ethical Hacker(aka Security Analyst): An ethical hacker is a security analyst who systematically attempts to penetrate a website, computer or network on behalf of the owners of the website, computer or network. An ethical hacker will never attempt to penetrate any website, computer or network without direct consent and approval from that company.
- Criminal Hacker: A criminal hacker uses the same tools and methods as an ethical hacker, but without consent, knowledge or approval from the individual or organization that owns the systems and devices they are attacking. The purpose of the attack is malicious and falls under U.S. Code › Title 18 › Part I › Chapter 47 › § 1030
Penetration Testing: What Is It?
Penetration Testing: A system method used by both security analysts or criminal hackers to identify vulnerabilities within a device, system or network.
A detective trying to solve a crime is better equipped to solve the crime and provide evidence for a conviction if he understands the methods a suspect uses to commit a crime. A criminal often uses tools that are legal to commit a crime. The tools in of themselves are not illegal, it is the intent and actions of the criminal that makes using these tools a crime.
The same is true when it comes to website security.
A security analyst uses software that is widely available to the general public to identify, analyze and validate known vulnerabilities to a specific device or platform. The software identifies vulnerabilities by testing the specific device for signatures against a database that contains a listing of known vulnerabilities. Finding and identifying a vulnerability does not necessarily mean that the system has been hacked. It only means that the system has a security hole that would allow an attacker to compromise that system.
A criminal hacker uses the same software to identify, analyze and validate known vulnerability to a specific device or platform. They often search for a specific vulnerability that they have experience in exploiting. and the use methods known to allow the attacker to gain complete control to the system. It is common for this to take place without any knowledge of the person or organization that owns the device/platform that has been compromised. The criminal hacker uses the system for malicious purposes and then removes all evidence that the system has been hacked.
Vulnerability Found: What Do I Do?
The first step in analyzing, identifying and resolving a potential vulnerability is to hire a company with experience in this venue. Business analysts, graphic designers and marketing professionals should not be considered for this type of work. The best of all security analysts have experience in computer forensics, software development and network engineering.
The second step is to identify if this exploit attached to this vulnerability has taken place. Every exploit has common signatures that will validate that system has been compromised. If evidence is found, the system will need to be restored to a time in which the exploit did not exist. Not all data is lost, as long as a backup strategy was in place.
The third step is directly contingent on whether or not an exploit has taken place. In most instances, the vulnerability can be resolved with an update, additional coding or site configuration. If the risk attached to the vulnerability poses an extremely high risk to other systems, it might be best to recover the system to a safe point in your backup strategy. The sooner the vulnerability is removed the sooner your risk for an attack will be eliminated.
If you don’t secure
website, this guy will.