DDoS attack (Distributed denial-of-service attack)
This is a malicious attack that can take your website partially or completely offline. Nowadays it is almost impossible to imagine a situation where a single hacker organizes a DDoS attack alone. In most cases, a cybercriminal uses a network of many machines that have been infected with a virus. Using that malicious code, the hacker gains remote access to each “infected” computer. A network of such machines is commonly referred to as a botnet.
The most common way to carry out a DDoS attack is to exhaust the target machine’s network bandwidth by flooding every open port with bogus requests. As the botnet “fills” those ports with traffic, the machine is forced to continually check incoming requests for malicious content, and it can no longer respond promptly to ordinary requests.
A smurf attack or ICMP flood is the most dangerous type of DDoS attack, since the victim’s machine goes into total denial of service after it.
How to deal with a DDoS attack?
- You must have a working DDoS response plan. Your production and test infrastructure should be able to instantly rescale or drop instances that stop responding.
- Use protection for your network infrastructure. A combination of firewall, VPN, anti-spam, content filtering, and load balancing allows you to protect your web environment from unauthorized attacks.
- Practice basic network security. Consistent use of the strictest web security measures can prevent your business network from being compromised.
- Security techniques can include the use of complex passwords, various forms of phishing protection, and properly configured firewalls.
Phishing
Phishing is a type of scam based on stealing confidential information from users. The hacker may be interested in any personal data. Cybercriminals “lure” customers into giving up their data under a variety of pretexts: logging in to a site, unsubscribing from spam mailings, making online payments on dubious sites, or installing advertised software.
There are several types of phishing attacks:
- Mail spamming;
- “Duplicate” site;
- “Hodgepodge” of real and duplicate sites.
Protection options:
- A CORS policy check that prohibits requests to your platform from untrusted origins;
- Testing the hosts on which session tokens are stored.
SQL Injection
A very common way of hacking a site that interacts with a database, based on embedding crafted SQL code into a query. Such an attack can lead to loss of information, corruption of web product functionality, or denial of user access.
How to avoid SQL Injection?
- Use parameterized queries. This type of query guarantees that a hacker will not be able to modify the query itself, even if he tries to insert SQL commands into the input.
- A “white list” of input parameters. This option is useful when the set of acceptable input values is strictly limited.
- Escaping user-entered data. Use this only as a last resort when none of the above can be implemented. This technique is frankly weak compared to the other methods, and even OWASP does not guarantee that escaping will prevent malicious SQL injection from causing damage.
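The first two options side by side, as an added example that is not part of the original article: a constructed in-memory SQLite table, a deliberately vulnerable lookup built by string concatenation, the same lookup with a bound parameter, and a white list for a value (a column name) that cannot be passed as a parameter at all. Table and function names are hypothetical.

```python
import sqlite3

# Constructed sample database for the demonstration (not from the page).
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER, name TEXT, email TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [(1, "alice", "alice@example.com"), (2, "bob", "bob@example.com")],
    )
    return conn

def find_user_vulnerable(conn, name):
    # Deliberately vulnerable: the user input becomes part of the SQL text,
    # so a quote in the input changes the structure of the query.
    sql = "SELECT name FROM users WHERE name = '" + name + "'"
    return [row[0] for row in conn.execute(sql)]

def find_user_safe(conn, name):
    # Parameterized query: the input is bound as data and is never parsed
    # as SQL, whatever characters it contains.
    sql = "SELECT name FROM users WHERE name = ?"
    return [row[0] for row in conn.execute(sql, (name,))]

# Identifiers such as column names cannot be bound as parameters, so a
# white list of acceptable values is the right tool for them.
ALLOWED_SORT_COLUMNS = {"id", "name", "email"}

def list_users_sorted(conn, column):
    if column not in ALLOWED_SORT_COLUMNS:
        raise ValueError(f"rejected sort column: {column!r}")
    sql = f"SELECT name FROM users ORDER BY {column}"
    return [row[0] for row in conn.execute(sql)]

if __name__ == "__main__":
    db = make_db()
    print(find_user_vulnerable(db, "alice"))       # ['alice']
    print(find_user_safe(db, "alice"))             # ['alice']
    print(list_users_sorted(db, "email"))          # ['alice', 'bob']
```

Running the two lookups on the same input that contains a single quote shows the difference: the concatenated version returns rows the caller never asked for, while the bound version simply finds no user with that literal name.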
Short Conclusion
From all of the above, we can conclude that software testing services should be carried out with sufficient attention to the web security of the product being developed and tested.
The rapid development of new variations of hacking, information theft, and other ways of stealing users’ virtual assets forces the invention and implementation of new types of protection, which in turn must be a reliable guarantor of data security and integrity. Accurate detection and “handling” of malicious attacks is an indispensable attribute in the skill set of a professional and in-demand QA specialist.