Explain why web applications have become such a target for hackers. In addition, choose one of the Top 10 vulnerabilities we covered in class and describe why you think it is important to securing web applications.
Reader Interactions
Comments
Leave a Reply
You must be logged in to post a comment.
Heiang Cheung says
Web application became such a target for hackers because it easier to get into than any other way and you could get more information. sensitive data exposure is important because weakly protected data could lead to people stealing credit card information.
Andres Galarza says
I think a lack of security is the principal reasons that web apps have become a bigger target.
One of OWASP’s Top Ten is “Injection”. It’s important because, per OWASP:
“Injection can result in data loss, corruption, or disclosure to unauthorized parties, loss of accountability, or denial of access. Injection can sometimes lead to complete host takeover. The business impact depends on the needs of the application and data.”
Somayeh Keshtkar says
Because web applications are easier to access from any computer regardless of your operating systems and versions, they are becoming more and more familiar. The fact that they are accessible from anywhere, make them more vulnerable, and easier targets for hackers. Form apps can be protected by firewalls, but web apps requires different additional protections. I think the most important type of vulnerability for web apps is XSS or cross site scripting. I think this type of vulnerability is more important since developers can make mistakes, especially if they don’t audit code, and attackers can easily find ways to inject their malicious code into the app, and take control over database or server.
Yijiang Li says
For web applications, there are a lot of data and information stored in online web servers, so hackers can attack the servers directly to steal the important data and information. Second, users have to register an account before using the web applications, however, they may not protect their accounts well, so hackers can take advantage of those accounts to hack in the main programs and servers.
Security misconfiguration is a big vulunerability which we should avoid when we are securing web applications. Initially, some applications has this vulunerability during the coding process, so it should be fixed by updating the newest patches. Second, some applications has strong security configuratuion, but it couldn’t work due to some wrong setttings by employees. In this way, the company should enhance the security traning for both awareness and skills to its employees.
Hanqing Zhou says
There are two reasons why the hackers choose web applications. First, the users base of the web applications is large. Second, it is more easy for hackers to put and hide Trojon or malware into the web applications.
Sensitive Data Exposure is one of the top 10 Web Application Security Risks. As we know, many web applications need users to register account for using it. When users register the account, people may need to put their PII information in it. If the hackers gather information by using web application, they may get users sensitive information.
Karabo Ntokwane says
Web applications are a target for hackers because they allow for capturing, processing, storage and transmission of sensitive personal data (e.g., personal details, credit card numbers, social security information, etc.) This information is exactly what hackers are interested in, to steal people’s money.
One of the vulnerabilities is an error in application code developed without following secure code practices. Code must be reviewed using automated tools and manual penetration testing to ensure that there are no security flaws and that security controls are in place. Web applications can be hacked by script injections and cross site script injections. Secure code practices help eliminate the risk of unvalidated input data to avoid buffer flow, Script injection, SQL Injection etc.
Tamekia P. says
Web applications have become a target for hackers because of all the data held within the databases that support these web applications. As we move to more and more to the web, the more companies are exposed to different types of risks.
Xinteng Chen says
The reason why the web application become the target of hackers is target there is sensitive information . Hackers can access to the application to obtain the information for illegal purposes.
Sensitive data exposure is important to web application, because the goal for security is to protect privacy information in the application. It is important to secure the application, and prevent it from attacking, because disclosure of personal information may lead to huge loses, such as financial lose.
Zhixin Wei says
Web applications are easier to reach ; too many novice programmers writing web application codes; failure to update third-party packages.
Sensitive Data Exposure occurs when an application does not adequately protect sensitive information, exposing data like passwords and session tokens. Companies use web applications for their operations, data is constantly exposed to both internal and external threats.
Chenhui Lai says
Websites and web applications have proven to be one of the most favored targets of cyber attacks because they are more vulnerable to hacking than operating systems or network hardware (such as routers and switches) and offer a host of opportunities to be created on the victim’s network Serious destruction.
SQL injection listed as one of the most common vulnerabilities. SQL injection occurs when untrusted data is sent to an interpreter as part of a command or query. By using a SQL injection attack, a hacker can bypass a web application’s authentication and gather information from an entire database. SQL injection can also be used to add, modify and delete records in a database.
Dongjie Wang says
web applications have become such a target for hackers because web applications are easier to reach and have larger audience group compare with desktop applications.
One of the Top 10 vulnerabilities that are important to securing web applications could be human errors in application development, for example, insecure code.
Linlan Chen says
Web application become the main target for hackers because it is easier to steal information than others. and as we know, there are big group in the web. In other words, There are many sensitive data stored on the web which attract hackers.
Raisa Ahmed says
Web applications have become a target for hackers because it is easy to hack into due to a lack of security. Not to mention, web applications store an abundance of sensitive information.
One of the Top 10 vulnerabilities we covered in class includes sensitive data exposure. This is important to securing web applications because if not secured appropriately, hackers can access PII information of any given individual.
Fraser G says
Explain why web applications have become such a target for hackers. In addition, choose one of the Top 10 vulnerabilities we covered in class and describe why you think it is important to securing web applications.
Web apps are a target because they are exposed to the world (for the most part). Desktop apps don’t usually require an internet and the environment can be locked down. Web apps need to be accessible to remote users, and are therefore open to attack. I like to think of Web apps like a door to a building, anyone can potentially knock on the door, jiggle the handle, try to pick the lock.
One of the top vulnerabilities that I find interesting is form validation. I like the idea of having this “black box” with a slot in it that allows you to put anything you want in the slot and see what the box does in return. When you don’t use some sort of form validation, you allow people to “insert” anything into the black box and see what happens. When you implement form validation you can define some parameters. Similar to how a vending machine works — the bill slot is a certain size, has sensors to validate that a bill is real etc. Without this validation you assume the user will always do the right (and trustworthy/honest) thing. Wrong! Never trust the user! Users bad!
Marsha Billups says
Web applications enable hackers to cause the most damage for the least effort giving hackers the biggest bank for the buck because they’re easy to get to and with significant impact as they can reach large numbers of people. In many cases, web applications are easy targets because there are novice programmers writing web application codes in C3, PHP, JavaScript, that are easier to learn, however, these developers lack knowledge in the basics of secure coding practices and often develop code with basic SQLi or SXX vulnerabilities that can be easily identified by a hacker’s SQL Injection.
Folake Stella Alabede says
For organizations to market and sell their products or services to the widest possible audience and use their websites, they allow an uncontrollable number of entities on the internet to access their web servers. Such access usually entails posting information about the company profile, executive management, policy and procedures, opening ports related to web traffic (port 80 and 443) etc.. Therefore, this wide array of companies’ information and access to their web servers make them a viable option for attacks by hackers.
One of the Top 10 vulnerabilities I will like to talk about is Cross- site Scripting (XSS). XSS flaws occur whenever an application takes untrusted data and sends it to a web browser without proper validation or escaping. XSS allows attackers to execute scripts in the victim’s browsers which can hijack user sessions, deface web sites or redirect the user to malicious sites. It is important to securing web applications because it compromises the integrity of an organization and its website.
Yingyan Wang says
Web applications is easier to become the target for hackers due to there are vulnerabilities which are easier to exploit and it have larger user groups. Sensitive data exposure ins one of the top 10 vulnerabilities that are easier to be exploited, it is significant to secure this field since sensitive data usually contains many privacy information which have negative impact once the information leaked such as financial loss and loss of trust.