Kevin Mitnick: The Increase of XSS Attacks in Q4 2012 Is Not Surprising

FireHost has released the results of its latest quarterly study

  FireHost releases Q4 2012 web application attack report
Secure cloud hosting provider FireHost has released its web application attack statistics for the fourth quarter of 2012. According to the figures, the number of cross-site scripting (XSS) attacks has increased by 160% compared to the previous quarter.

Secure cloud hosting provider FireHost has released its web application attack statistics for the fourth quarter of 2012. According to the figures, the number of cross-site scripting (XSS) attacks has increased by 160% compared to the previous quarter.

In Q3 of 2012, the company’s servers in the US and Europe blocked just over one million XSS attacks, but the number grew to 2.4 million between October and December.

In 2012, FireHost blocked a total of 64 million cyberattacks, many of which relied on XSS vulnerabilities.

“The escalating increase of XSS attacks in Q4 does not surprise me -- any teenager with a web application scanner can initiate these attacks in their free time,” Kevin Mitnick, who is a FireHost customer, said.

“This increase does show, however, that when your servers are plugged in they are going to be probed -- likely within several minutes or so -- and that it's really important to work with a hosting provider like FireHost who can exercise due diligence on your behalf and keep you from being compromised.”

Chris Hinkley, a senior security engineer at FireHost, explains that cybercriminals are constantly trying to identify attack methods that encounter the least resistance.

“During Q4, ecommerce sites in particular would have been very busy with Christmas sales. Hackers will rapidly go after these high value targets with attacks that are highly automated and, if they are not yielding useful payloads, the attackers are equipped to quickly try a different type of attack,” Hinkley noted.

“This is why it is important to have an understanding of the kind of traffic that is accessing your hosted infrastructure, so that you can make sure that malicious traffic is diverted and that there is less risk to sensitive data.”

Comments