| Web Applications are compromised daily and now | | | | company lose trust in the security of the company and |
| account for the majority of vulnerabilities on the | | | | start taking their business elsewhere. The company |
| Internet. | | | | then starts losing revenue and the customers begin to |
| Website weaknesses are a major way that cyber | | | | find that their credit cards are being charged illegally. |
| criminals, working with hacking techniques, can steal | | | | The credit card companies are involved and are losing |
| sensitive data. With this data, nefarious crooks can | | | | money as well. Nobody is immune to these website |
| affect companies and individuals alike; there is little | | | | attacks, whether its large company or one individual. |
| distinction between Fortune 500 Companies and an | | | | As programmers design web applications to be more |
| end user with a credit card. They often just follow the | | | | accessible and easy to use, often these features are |
| path of least resistance. | | | | targets for crime groups to attack. Programmers must |
| Online data theft is not a game. While some hackers | | | | protect their applications by following secure coding |
| will brag about having breached the security of a web | | | | practices to filter out any attacks and create a safe |
| application and gained access to sensitive data, the | | | | place for their clients customers to do business. |
| criminals have money, not bragging rights in their | | | | One of the major ways hackers breach a web |
| cross-hairs. Extortion is sometimes the name of the | | | | application are through SQL injection attacks. SQL |
| game. If data can be held at ransom by thieves, | | | | injection attacks can be used to access sensitive data |
| depending on how sensitive the data is, they can | | | | or do any number of destructive things to the data |
| demand a huge sum of money. | | | | stored in the web application's database. Cross-site |
| The ways that companies and individuals are affected | | | | scripting attacks are also prevalent. This attack occurs |
| by web application attacks are numerous. Imagine this | | | | when malicious code is inserted and executed when a |
| "what if" situation. A large Fortune 500 company is | | | | user loads an infected page. Denial of service attacks |
| attacked by an orchestrated attack and the credit | | | | are also popular. This happens when the network |
| card numbers are taken and held at ransom by an | | | | hosting a website is swamped with useless requests |
| organized crime group. Word gets out and the Fortune | | | | sent out by the criminals which creates so much traffic |
| 500 company under goes a huge investigation and | | | | that the network or system crashes. |
| security audit. The clients and customers of the | | | | It's a wild world out there... |