When web bots attack, what websites are the most likely to targets? We discussed automated attacks against websites last month. Here is some new information from Distil Networks about who the main targets have been in the recent past. If your business is included in the following list, you may want to ramp up the security posture of your website and web hosting account.
The industries targeted most frequently by bots are:
- health care
- airlines and travel sites
- financial, insurance and real estate sites
- ticket vendors
- adult and dating sites
- ecommerce sites
Malicious bots can:
- scrape prices and content with your permission to be used on price aggregation sites
- use scanning tools on websites to look for unpatched known vulnerabilities to exploit
- hijack websites for use in spam and phishing exploits
- hijack websites to “rent” to other cybercriminals
- steal user names and passwords
- steal email addresses and other personally identifying information
- flood a web site with spurious traffic and cause a denial of service
- create fake and impostor accounts to steal services
- credit card fraud activities
- hold items in shopping carts to make inventory unavailable to real shoppers
Bot mitigation strategies include using a web application firewall, anti-DDoS, or similar service. Another great tactic is to hack your own website. That way you can find vulnerabilities and weaknesses that the attackers could also find and use to compromise your site. In any event doing nothing is a good way to end up in the news as the latest victim of a breach.
Over the next two weeks we are going to go deeper into the whys and hows of web site security, and give our readers steps they can take to secure their website from attack and hijacking.
More information –Share