triangle
arrow
Why Cyber Security is Important for Your Website?

13-Aug-2018

By Pooja Guleria

Why Cyber Security is Important for Your Website?

You can be the next target!

Number of Cyber Security beached has grown up steadily over the past few years. For example: For the past few months Ransomware Wannacry made headlines by breaching into numerous companies and payment is demanded before ransomed data is accessed and decrypted to the victim.

There are numerous examples that big industries in market today have been the victim of Security attacks say: Instagram, Sony, Yahoo, Gmail, Facebook etc.

Want to protect your website from intrusion then contact…

What are Security Breaches and its Consequences?

A security breach is an accidental leakage of sensitive and confidential information. It can happen without the consent of data holder. For example hackers leak Username, phone number, and email address of users of any website or any employee giving sensitive information regarding financial data of any company or property to competitors for the sake of money or any other motive.

It is very expensive for Industries and companies to have security breach especially if they were found to violate company security standards. It may cost up to 10 Million Euro or 2% of Annual turnover of the European based organization.

Categorization of Hackers

Basically there are three types of Hackers which can be categorized as:-

White Hat hackers:

These are also known as Ethical hackers or Penetration Testers. They are one of the good guys in hackers’ world.  These hackers basically help Govt and other Organization to perform security breaches on their websites and identify loopholes in their Cyber security.

Black Hat hackers:

They are the crackers; these guys are the criminals and culprits of the cyber world. They are mostly behind the any news about cybercrime. Their motive is monitory most of the time but they may have other agenda also like blackmailing, revenge etc.

Grey Hat hackers:

These type of hackers fall somewhere between white hat hackers and black hat hackers. They conduct black hat hacks for white hack motives. Their intentions may not be for personal gains they can however have bad or good intentions

Apart from these there is another kind of hackers group known as Hacktivist.

Hacktivist:

These hackers are social activist of internet world. Their propaganda may be social and political agenda. Hacktivist group try to bring about social changes by hacking into Organization and Govt websites and leak illegal activities of High officials and Ministers or may be big businessmen and people. Some notable hacktivist groups are: Anonymous, WikiLeaks, LulzSec.

Types of Attacks on Cyber World

There are numerous types of Hacking Techniques based on which hacking is performed, some of them are mentioned below:

# Bait and switch:

In this technique an attacker buy spaces for Advertisement of popular websites. After wards when any user clicks on those ads he/she is redirected to a page which is infected with viruses and malware. This way attacker can install malicious malware or adware on your computer. Usually those ads and download links are very attractive and are expected that some of the users may end up clicking those links.

# Cookie and Session theft:

A cookie is small piece of data which keeps information of browsers. A cookie usually saves username and password for different websites. Once the attacker gets access to your cookie he/she can authenticate as you on any on any a browser. In this method a hacker encourages the victim to use attackers network or by any means attacker enters victim’s network to gain access to cookies. It is also known as Sidejacking or Session hijacking.

# ClickJacking:

It is also known as UI Redress. In this type the attacker hides actual UI of click where a user is supposed to be click. This is very common in torrent sites, download sites (Songs, movies and apps) and movie streaming. We can say that an attacker redirect the clicks of victims that are meant for the page where attackers want you to be. Basically Attackers’ motive is to earn advertisement dollars but others can steal your personal data also.

# Viruses and Trojan:

These are small malicious programs which attacks and alters victim’s computer system and send victim information to the hacker without prior knowledge of the user.

 A virus must have:

  • It executes itself. It often replace own code in path of execution of another application.
  • It must replicate by itself i.e. it may replace other executable files with virus.

They can lock our desktop, servers, damage our files and steal our data.

# Phishing:

It is a hacking technique in which hacker try to obtain sensitive information such as Usernames, Passwords, Credit card details etc. by pretending to be authenticating entity in an electronic communication.

Combining with Social engineering this type of attack is one of best and deadliest attack vectors.  In this type, the attacker send spam mail to victim and encourages entering username, password and other private information. As soon as victim enters data, that all sensitive information goes to the attacker.

# Denial of Service(DoS/DDoS):

It is type of cyber-attack in which hacker takes down a server or website and makes network unavailable for its intended user by disrupting services of the host website and finally crashes down the website. This technique is very popular among hackers community in which attacker flood the victim machine with tons of traffic and request from many different sources.

We can relate this attack as group pf people at entry of the shop blocking the way for genuine customer to enter.

We at BugRaptors possesses rich expertise in security testing services that has developed methodologies, templates, processes and guidelines for Web applications, cloud and network.

author

Pooja Guleria

Pooja works at BugRaptors as Senior QA Engineer. She is having 5 years experience in web & mobile application testing. Comprehensive work experience in Real Estate, She is expertise in QA practices Project Management, Team Management, Client Relationship Management. Participating in Release Planning, Product Backlog, Product Reviews, Defect review, Root cause analysis.

Most Popular

Tech Talks With Aparna A Gopalakrishnan

25-Jul-2022 Tech Talks With Aparna A Gopalakrishnan
Read more

Future Of Manufacturing With IoT: Understanding The Opportunities And Challenges

22-Feb-2022 Future Of Manufacturing With IoT: Understanding The Opportunities And Challenges
Read more

The Future Of Manufacturing Industry & Its Emerging Tech Landscape

18-Feb-2022 The Future Of Manufacturing Industry & Its Emerging Tech Landscape
Read more

Interested to share your

QA Requirement!

Tags

  • Cyber security
  • cyber security testing
  • security testing services
  • Types of attacks
  • Sign up for newsletter !


    Comments

    No comments yet! Why don't you be the first?
    Add a comment

    Join our community
    of 1000+ readers.

    To get the latest blogs and techniques on software testing & QA Industry.

    *By entering your email, you subscribe to receive marketing uplates from Bugraptors.You can unsubscribe at any time. For more info, read BugRaptors Privacy Policy.