10 Things cybercriminals love about you

10 Ways organizations make attacks easy

What do cybercriminals love? (Mostly themselves, but that is beside the point.) They love organizations that have unmitigated risks in their web applications and application program interfaces (APIs). With the entire world connected via the internet, the easiest and quickest way for threat actors to infiltrate your systems or steal customer data is through web applications. Basically, everything from the code used to build the application or the API used to connect things to configurations and authentications are fair game.

The top 10 web application security risks cybercriminals love

The areas most often targeted for attack can vary and may change frequently as cybercriminals invent newer and more stealthy ways to worm their way into systems. According to the OWASP, the 2021 Top 10 Web Application Security Risks are:

  1. Broken Access Control
  2. Cryptographic Failures (Sensitive Data Exposure)
  3. Injections (including Cross-site Scripting)
  4. Insecure Design
  5. Security Misconfigurations
  6. Vulnerabilities and Outdated Components
  7. Identification and Authentication Failures
  8. Software and Data Integrity Failures
  9. Security Logging and Monitoring Failures
  10. Server-side Request Forgeries

Most common attack types

Based on the risks listed above, criminals are most likely to employ the following attack types in their bid to infiltrate systems or steal sensitive customer credentials:

Client-side attacks (data breaches and credential compromise)

Client-side attacks include formjacking, credit card skimming, and Magecart attacks. Cybercriminals use client-side attacks to steal information directly from customers or other website users as they input information into websites. Stolen data includes credit card information and personally identifiable information (PII).

Supply chain attacks (JavaScript and software)

According to recent research, supply chain attacks surged by more than 650% over the last year. Threat actors are leveraging existing vulnerabilities in open-source and third-party code or injecting their own malicious scripts into software and JavaScript code to conduct hostile attacks against organizations and industries connected via the supply chain.

Vulnerable application attacks (Unpatched bugs/vulnerabilities and legacy applications)

New bugs and vulnerabilities are discovered on a daily basis and cybercriminals love to exploit them. Equally, criminals are attracted to legacy applications that may contain unpatchable vulnerabilities. Sometimes attackers discover the vulnerabilities before security researchers, and these ‘zero days’ enable application and system compromise often without the organization even knowing it had been attacked. Common attack types that target vulnerabilities include cross-site scripting, injections (JavaScript, SQL, CSS, and HTML).

Automated attacks (Bots and DDoS)

Threat actors use automated techniques, such as botnets and distributed denial of service (DDOS) for attacks that include credential stuffing, content scraping, ticket/product scalping, gift card abuse, and business interruption.

Protect your organization from the risks and attacks that cybercriminals love

There are purpose-built solutions that safeguard organizations, consumers, and internet users from the very things that criminals love to use to their advantage. Two tools that are a part of AT&T Managed Vulnerability Program from Feroot provide client-side application security solutions. These tools are:

Feroot Security PageGuard—Based on the Zero Trust model, PageGuard runs continuously in the background to automatically detect the types of unauthorized scripts and anomalous code behavior found in client-side, application, supply chain and automated attack types. If threats are detected, PageGuard blocks all unauthorized and unwanted behavior in real-time across the organization. PageGuard also automatically applies security configurations and permissions for continuous monitoring of and protection from malicious client-side activities and third-party scripts.

Feroot Security Inspector—In just seconds, Inspector automatically discovers all web assets a company utilizes and reports on their data access. Inspector finds all security vulnerabilities on the client-side and provides specific client-side threat remediation advice to application developers and security teams in real-time.

Next steps

Modern web applications are useful, but they can carry potentially dangerous vulnerabilities and bugs. Protect your customers and your websites and applications from client-side security threats, like Magecart and script attacks with security tools like Feroot’s Inspector and PageGuard. These services offered by AT&T’s Managed Vulnerability Program (MVP) allows the MVP team to inspect and monitor customer web applications for malicious JavaScript code that could jeopardize customer and organization security.

Article Link: 10 Things cybercriminals love about you | AT&T Cybersecurity