Web Application Security Incidents See Rise in Targeted Attacks Against FIs

Trustwave, a provider of information security and compliance solutions, has released its Web Hacking Incident Database (WHID) semi-annual report, which is the result of a project dedicated to maintaining a database of web application-related security incidents. The report analyses the business impact of web application security attacks and reviews compiled data from January through June, 2010. SpiderLabs, the security team at Trustwave responsible for application security, incident response, penetration testing, physical security and security research, compiled the report.

The most notable trend for the first half of 2010 was the steep rise in targeted attacks against the financial vertical market. This is mainly the result of cybercriminals targeting small to medium-sized enterprises (SMEs) online banking accounts. Corresponding to this increase was the spike in use of banking trojans, which result in stolen authentication credentials to steal bank account passwords.

The report also analyses drivers for web hacking incidents, listing various outcomes of the successful attacks in the WHID, all of which can lead to serious consequences. Leakage of information is the top driver, while defacements of websites are second. This is particularly damaging as most businesses today rely on their website to be the face of their organisation. The most notable increase, though the third most prevalent outcome, was monetary loss driven by profit-seeking cybercriminals.

The report finds that organisations cannot properly respond to web hacking incidents due to insufficient logging and security information and event management capabilities. If proper monitoring mechanisms are not in place, attacks and successful compromises go unnoticed for extended periods of time. This trend was also evident in Trustwave’s 2010 Global Security Report, which highlighted the average window of data exposure as more than 100 days for harvesting data in transit and just less than 700 days for data at rest.

“These attackers are professional criminals who are developing new ways to generate revenue from compromising web applications,” said Robert McCullen, chairman and chief executive officer (CEO) of Trustwave. “By extracting sensitive customer data from these e-commerce websites, the information can be sold on the underground black market for significant gain, resulting in identity theft and fraud.”


Related reading