• Log In
  • Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Home
  • About
  • Structure
  • Schedule and Materials
    • Part 1
      • Week 1: MIS Careers and Intro to IT Architecture
      • Week 2: Computing Systems
      • Week 3: Operating Systems
      • Week 4: Storage
      • Week 5: Networking
      • Week 6: Systems Administration
      • Week 7: Systems Administration cont.
      • Week 8: Databases – Database Administration
    • Part 2
      • Week 9: Application Software
      • Week 10: Application Software cont.
      • Week 11: Databases – Database Development
      • Week 12: Web Application Security
      • Week 14: Special Topics
      • Final Exam
  • Grade
  • Assignments

ITACS 5122: Enterprise Architecture for IT Auditors

MIS 5122 - Section 002

Web Application Hacking

November 15, 2018 by Patrick J. Wasson 5 Comments

Explain why web applications have become such a target for hackers.  In addition, choose one of the Top 10 vulnerabilities we covered in class and describe why you think it is important to securing web applications.

Filed Under: Class Discussion Tagged With:

Reader Interactions

Comments

  1. Shuyue Ding says

    November 20, 2018 at 5:44 pm

    Web applications have become such a target for hackers because firewall works pretty well nowadays, but web applications have to let users get in their network/system in order to see and use their website, which is what the web application functions to. Hackers can take advantage by the hole that web applications opened, and hack from web server to database server from the hole for the customer data. One example would be SQL injection, which could trick the system as long as result has one row. Hackers use “or” in the last filed in SQL statement, and they probably get in as administrator because the first row of user database is usually as administrator. Therefore, it is important to have function in the web coding that only allow what types of text get in from the textbox.

    Log in to Reply
  2. Ryu Takatsuki says

    November 26, 2018 at 2:12 pm

    When I searched online, I found there are three main reasons why web applications have become such a target for hackers. Firstly, web applications are easier to reach. According to TechTalks, in many cases, once websites are breached, they serve as a beachhead for other major attacks and allow attackers to move laterally across the network with insider access. Secondly, there are too many novice programmers writing web application codes. The third reason is the failure to update third-party packages. I think these three points could explain the reason. Malicious file injection allows attackers to perform remote code execution etc by compromising input files or streams; commonly caused by improperly trusting input files. It is important to protect the web application from attackers.

    https://bdtechtalks.com/2016/02/29/why-are-web-applications-attractive-targets-for-hackers/

    Log in to Reply
  3. Sarah Puffen says

    November 28, 2018 at 4:20 pm

    Web applications exist to share types of information, which are hosted on a single source, with multiple people. These applications may contain databases with sensitive material such as credit card or social security numbers, which is ideal information to a potential attacker. If a web app isn’t secured properly, a hacker may gain access to this personal information and use it for many purposes, such as selling the personal information, committing identity theft or opening new credit accounts. For hackers, web application security is the sole hurdle they must clear in order to gain access to an abundance of personal data.

    One prominent vulnerability in web app safety is insecure direct object reference. Web developers must ensure that a person’s username is not located in a URL because URL’s are shareable. Consequently, if someone shares a URL while logged into their user account, the next person that clicks on the URL may have access to whatever information is in that account. Considering technology’s evolution, this should seem like an easy security measure to take. However, even something this simple can slip through the cracks due to time constraints or high demand for the completion of web development, which was the case when healthcare.gov went live with chaotic results.

    Log in to Reply
  4. Haixin Sun says

    November 28, 2018 at 5:00 pm

    The reason why web applications have become such a target for hackers is web applications are easier to reach with low cost and potential high returns. The vulnerability of breaching security cause a possible harm easily. For example, Cross-site scripting (XSS) is a common computer security vulnerability typically found in web applications. Attackers send malicious code in the form of a browser side script to a different end user by injecting into trustworthy website. When web applications do not have best practice in protection, the impact of XSS would be the disclosure of sensitive data (Business information, PII, Intellectual information and even national security information) that might cause fraud, defamation, identity theft or destruction of targets.

    Log in to Reply
  5. Yuqing Tang says

    November 29, 2018 at 3:47 pm

    The biggest reason of web applications become the target of attacking is because they are easy to hack. It is easier to reach since the existence of many loopholes. Experienced programmers are not likely to program the web applications, and most of the coding are done by relative new programmers. There are many vulnerabilities, CSRF sounds like cross-site scripting (XSS), but it’s very different from XSS, which exploits trusted users within a site, and CSRF, which exploits trusted sites by disguising requests from trusted users. CSRF attacks are considered more dangerous than XSS attacks because they tend to be less prevalent (and therefore have relatively few resources to guard against) and less defensible than XSS attacks. Since these types of vulnerabilities exist, Hackers have more chances to hack the web applications with limited resource, and we need to secure them.
    https://bdtechtalks.com/2016/02/29/why-are-web-applications-attractive-targets-for-hackers/

    Log in to Reply

Leave a Reply Cancel reply

You must be logged in to post a comment.

Primary Sidebar

Weekly Discussions

  • Class Discussion (12)
  • Course Announcements (20)
  • General Course Questions (1)
  • IT Knowledge Base (4)

Copyright © 2025 · Magazine Pro Theme on Genesis Framework · WordPress · Log in