An intro into the five stages of a Web attack

Jan 14, 2016 14:45 GMT  ·  By

The term "Web attack" is used by infosec professionals to describe intrusions carried out via Web-accessible technologies. These include XSS, DDoS, and SQLi attacks, among many others, which in the end lead to a total or partial compromise of the target's systems.

For all attacks, assailants usually go through the same five steps: reconnaissance, scanning, gaining access, maintaining access, and covering tracks.

During the reconnaissance step, attackers usually adopt one of the following two approaches. They either keep a low profile by employing techniques such as dumpster diving or character profiling, or just don't care and actively enter systems to gather data about potential targets and the potential profits they can make, leaving tracks all over the place that are later removed in the case of a successful breach.

Scanning is the second step and does not refer to scanning for details about the target, but "vulnerability scanning." At this point, the attacker has already decided on their target, and they're looking for flaws in your defense, using tools like port scanners, network mappers, and sweepers.
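
A defender's view of the scanning stage, as an added example that is not part of the original article: the sketch below flags sources in connection logs that behave like a port scanner (many ports on one host) or a sweeper (one port across many hosts). The event tuple layout, the thresholds, and the sample data are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed sample events: (timestamp_seconds, src_ip, dst_ip, dst_port).
# All addresses come from the reserved documentation ranges.
SAMPLE_EVENTS = (
    # One source touching 12 different ports on a single host in 12 seconds.
    [(1000 + i, "203.0.113.10", "192.0.2.5", p) for i, p in enumerate(range(20, 32))]
    # One source touching port 22 on 6 different hosts in 6 seconds.
    + [(2000 + i, "203.0.113.20", f"192.0.2.{i + 1}", 22) for i in range(6)]
    # An ordinary client reaching port 443 on 6 hosts, one connection per hour.
    + [(3000 + 3600 * i, "198.51.100.7", f"192.0.2.{i + 1}", 443) for i in range(6)]
)


def classify_sources(events, window=60, port_threshold=10, host_threshold=5):
    """Return {src_ip: labels} for sources that exceed a threshold
    inside any sliding window of `window` seconds (assumed defaults)."""
    by_src = defaultdict(list)
    for ts, src, dst, port in events:
        by_src[src].append((ts, dst, port))

    findings = {}
    for src, rows in by_src.items():
        rows.sort()
        labels = set()
        start = 0
        for end in range(len(rows)):
            # Shrink the window until it spans at most `window` seconds.
            while rows[end][0] - rows[start][0] > window:
                start += 1
            ports_per_host = defaultdict(set)
            hosts_per_port = defaultdict(set)
            for _, dst, port in rows[start:end + 1]:
                ports_per_host[dst].add(port)
                hosts_per_port[port].add(dst)
            # Many distinct ports on one host: port-scanner pattern.
            if any(len(p) >= port_threshold for p in ports_per_host.values()):
                labels.add("port_scan")
            # Same port across many hosts: sweeper pattern.
            if any(len(h) >= host_threshold for h in hosts_per_port.values()):
                labels.add("sweep")
        if labels:
            findings[src] = labels
    return findings


if __name__ == "__main__":
    for src, labels in sorted(classify_sources(SAMPLE_EVENTS).items()):
        print(src, sorted(labels))
```
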

Over one billion records were illegally accessed in 2015 via Web attacks

The third stage is when attackers gain access to your system, making use of offensive hacking techniques such as cross-site scripting, session hijacking, DoS attacks, buffer overflows, SQL injections, and so on.

After access to targeted systems is obtained, in the next stage, attackers deploy tools such as trojans, backdoors, or rootkits (bootkits) to retain access to infected systems until they exfiltrate all the data.

The last step is where the data is stolen, but where the attackers hide their tracks as well. The data is taken using tunneling protocols, and when it's done, all that's left for the attackers is to alter the log files of the infected system to remove any tracks they left behind during the previous steps.

An infographic detailing all these stages can be viewed below, courtesy of Barricade, a cyber-security vendor providing cloud security systems.

The five steps of a Web attack