Many web sites and electronic infrastructures of organisations have various security vulnerabilities and are subject to cyberattacks with significant consequences on organisations. Successful cyberattacks lead to consequences which have a direct impact on organisations’ infrastructure, leading to Malfunction of the organisation’s electronic services, as well as other sectors. Successful attacks may lead to negative reputation among the other organisations as well as reduction of organisation’s prestige. Furthermore, an organisations may face legal issues in case of disclosure of personal information.
Attackers are exploiting possible vulnerabilities of the organisations websites and their electronic infrastructure. These vulnerabilities may occur due to various factors. The most common factor is websites may use a set of software which are not updated regularly, thus being vulnerable to cyberattacks (e.g., outdated versions of CMS software, vulnerable plugins, outdated versions of programming languages. Another factor is that organisation often do not take sufficient security (e.g., lack of firewall) which exposes the infrastructure to more attacks. Moreover, the infrastructure is not precautionarily tested with regards to their resistance to cyberattacks.
As a result, organisations are often targeted by attacker using a set of exploits like SQL Injection, XSS, CSRF, etc.
Arnolnt Spyros
InnoSec, Greece