October 15, 2007
Study - 90 percent of all sites at hacking risk
Despite the continued efforts of security researchers, search engine providers and hosting companies to help Web site operators better understand the range of attacks circulating on the Internet -- and in particular the wide range of tactics being used to exploit unprotected but otherwise legitimate URLs -- the latest numbers from WhiteHat Security contend that the problem is only getting worse.
In a new research report, WhiteHat -- the Web application security firm founded by vulnerability scanning whiz Jeremiah Grossman -- concludes that as many as 90 percent of all the sites it has tested in the last year remain open to some form of hijack or infection.
The leading problem remains many sites' vulnerability to cross-site scripting (XSS), in which attackers get malicious script reflected or stored in pages served by a legitimate site so that it runs in visitors' browsers, typically to steal session cookies or trick end users into handing over their personal information or passwords.
As many as 75 percent of the pages scanned by WhiteHat had some form of XSS-exploitable flaw, according to the paper.
Information leakage -- a site inadvertently disclosing potentially sensitive data, for example in error messages, debugging output or source comments, rather than an attacker breaking into protected areas -- remains another serious problem, according to the company, which lists it among the "top" vulnerability classes it finds across the sites it has tested, close behind XSS-based threats.
WhiteHat also highlighted the increased prevalence of several other vulnerability classes among the sites it is watching, including SQL Injection and HTTP Response Splitting. The firm attributes their apparent rise directly to wider use of vulnerability identification technologies, which now detect them more often.
The company said that HTTP Response Splitting remains "hugely misunderstood and underestimated" and that it continues to evade most scanning tools. As a result, the threats are "startling both in the prevalence and potential consequences" at present, WhiteHat said.
In a recent blog, Grossman described HTTP Response Splitting attacks as such:
"The best way to think about Response Splitting is that it's executed similarly to Cross-Site Scripting (XSS), but more powerful. Take a loose analogy of a written letter in an envelope. XSS targets the message inside the envelope, while Response Splitting targets not only the message inside the envelope, but the envelope itself."
"There are several different variations of Response Splitting and many emergent behaviors that make accurate vulnerability identification challenging."
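To make the envelope analogy concrete, here is an added example that is not WhiteHat's or the author's code: a toy HTTP response builder that copies untrusted input into both a header (the envelope) and the body (the letter), a naive client-side parser that honours Content-Length the way a browser would, and a hardened builder. The redirect path, the payloads and all function names are constructed for illustration.

```python
# Added example, not code from the article or from WhiteHat.
# XSS tampers with the body; HTTP Response Splitting tampers with the headers
# by smuggling CR/LF into a header value so that the client sees a second,
# attacker-controlled response in the same stream.
import html

CRLF = "\r\n"

# Constructed payloads (illustrative only).
XSS_PAYLOAD = "<script>alert(1)</script>"
SPLIT_PAYLOAD = (
    "/home" + CRLF                        # legitimate-looking redirect target
    + "Content-Length: 0" + CRLF + CRLF   # terminate the real response early
    + "HTTP/1.1 200 OK" + CRLF            # forged second response ("new envelope")
    + "Content-Type: text/html" + CRLF
    + "Content-Length: 25" + CRLF + CRLF
    + XSS_PAYLOAD                          # 25 bytes of attacker-chosen body
)


def build_response(location: str, body_text: str) -> str:
    """Vulnerable: untrusted input goes straight into a header and the body."""
    headers = ["HTTP/1.1 302 Found", f"Location: {location}", "Content-Type: text/html"]
    return CRLF.join(headers) + CRLF + CRLF + f"<p>Redirecting: {body_text}</p>"


def build_response_hardened(location: str, body_text: str) -> str:
    """Hardened: refuse CR/LF in any header value, HTML-escape body text."""
    if "\r" in location or "\n" in location:
        raise ValueError("CR/LF not allowed in a header value")
    headers = ["HTTP/1.1 302 Found", f"Location: {location}", "Content-Type: text/html"]
    return CRLF.join(headers) + CRLF + CRLF + f"<p>Redirecting: {html.escape(body_text)}</p>"


def parse_responses(raw: str):
    """Naive client parser (constructed for the demo): split a stream into as
    many responses as it finds, reading exactly Content-Length bytes of body
    when that header is present and the rest of the stream otherwise."""
    responses = []
    while raw.startswith("HTTP/"):
        head, sep, rest = raw.partition(CRLF + CRLF)
        if not sep:
            break
        status, *header_lines = head.split(CRLF)
        headers = {}
        for line in header_lines:
            name, _, value = line.partition(":")
            headers[name.strip().lower()] = value.strip()
        if "content-length" in headers:
            n = int(headers["content-length"])
            body, raw = rest[:n], rest[n:]
        else:
            body, raw = rest, ""
        responses.append((status, headers, body))
    return responses


def count_responses(location: str, body_text: str) -> int:
    """How many responses a naive client sees for one vulnerable server reply."""
    return len(parse_responses(build_response(location, body_text)))


if __name__ == "__main__":
    # Clean input: one response. Split payload: the client sees two, the second
    # entirely attacker-controlled, with the original page left dangling after it.
    print("clean:", count_responses("/home", "ok"))
    print("split:", count_responses(SPLIT_PAYLOAD, "ok"))
    # XSS: the same builder also lets script into the body of the one response.
    print("body:", parse_responses(build_response("/home", XSS_PAYLOAD))[0][2])
    try:
        build_response_hardened(SPLIT_PAYLOAD, "ok")
    except ValueError as exc:
        print("hardened rejected header:", exc)
```

The second forged response is the one that gets cached or rendered for the victim, which is why the analogy calls the header the envelope: with the envelope under attacker control, the body injection of ordinary XSS comes for free, and the forged response can also carry cache-control or cookie headers of the attacker's choosing.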
WhiteHat has also begun to warn people about the increased use of Cross-Site Request Forgery.
As part of the third annual WhiteHat Security Statistics Report -- which the testing firm plans to begin issuing quarterly -- the company has also begun looking at the manner in which different vulnerabilities appear to be more popular in individual vertical industries.
For instance, the company found that while Web site security remains weak in general, the retail sector has managed to secure its URLs better than some other markets. As in the rest of the online world, however, WhiteHat contends that XSS threats top the list of vulnerability classes in every vertical, followed closely by Information Leakage.
"These statistics continue to reveal recurring and emerging issues that are affecting Web sites across industries," said Grossman, who wears the title of CTO at WhiteHat. "As increasing amounts of sensitive data are stored online, WhiteHat remains vigilant about alerting companies to common attack methods and emphasizing the importance of Web site vulnerability management as part of their overall security posture."
Posted by Matt Hines on October 15, 2007 01:23 PM
The company I work with was recently looking for a program that could provide them with unified client security. The company had already spent quite a bit of money on Windows protection and PC protection in general. The problem was that none of the antivirus software applications they had invested in gave them the protection they needed. Most of them were incomplete programs doing well in one area but not another.
Identity theft software is something else that my company is looking to upgrade. What they have now is OK but it's a bit out of date. I'm hoping that this is the first thing they upgrade or replace since the company makes its money off of storing clients' financial information on their servers. Here's to hoping something happens and happens quickly.
Posted by: Karl at October 24, 2007 09:57 AM