Threats to Digital Asset Security Keep IT Staff on Their Toes

Attack vectors in the security landscape are constantly evolving and increasing in scope and are capable of crippling the entire network infrastructure of unsuspecting businesses with great efficacy.

For instance, the DDoS attack targeting DNS service provider Dyn, in 2016 resulted in online service outages at several leading brands including HBO, The Wall Street Journal, SoundCloud, Tumblr, Electronic Arts, and Netflix, besides others. What’s even more significant is the fact that the attack was executed through a large set of IoT devices, which also included security cameras, printers, and baby monitors.

PlayStation Network, yet another victim of this attack, was targeted in a different breach a couple of years ago in which it experienced losses of about $171 million with service disruption of a month.

Cyber-attackers and their motivations are a complex subject; but the more popular and successful a business is, the more prominent its content becomes, making it an attractive and often easy target for service disruption. The good news is businesses can use certain easy-to-implement approaches to secure their website such as:

HTTPS: The basic and most essential approach to strengthening security is enhancing the communication protocol via encryption using Transport Layer Security (TLS). This secures all of the interactions between the server and web browser, and eliminates the possibility of man-in-the-middle attacks. As an HTTPS connection is established, ownership of the destination is verified through trusted certificates.

Masking Location: Masking the location of your company’s sensitive content is another effective strategy that keeps it beyond the reach of a cyber-attacker. This can be accomplished by storing addresses of content in their databases instead of coding them into a webpage with a URL.

With this approach, even if attackers view the code on the page, they won’t be able to find the source location of the content.  Also, storing media files and other sensitive content above your www directory will also prevent the attacker from crawling the website to find the content’s location.

WAF: The increasing sophistication of cyberattacks implies the requirement for layering specific security modules in front of applications. For instance, while DDoS protection can help in preventing malicious traffic, a Web Application Firewall (WAF) can filter out traffic using a set of rules that prevent more targeted activity such as SQL injections, cross-site scripting (XSS), and security misconfigurations. It analyses the web-based bi-directional traffic and detects and blocks any malicious or suspicious event.

Encryption: Today, many websites use third-party APIs such as Facebook and Twitter. These APIs, which have targeted advertisements that rely on user history and browsing data, receive first-hand sensitive personal data from the user.

This may include ‘Personally Identifiable Information’ or PII such as names, addresses, e-mails, and credit card numbers. Such data needs to be protected and encrypted in order to keep it beyond the reach of an attacker.

Server-side scripting is one great way to create web pages that execute a part of encryption and decryption on the go. This ensures that data placed in the database, especially PIIs, are secure – even if the website gets compromised.

As a back-up plan, businesses can even use Content Delivery Networks (CDN) such as Limelight Networks to eliminate the threat of DDoS attacks, as CDNs allow scaling up to deal with traffic spikes and allow websites to effectively absorb traffic.

Further, businesses should at the very least set up DDoS detection – unexpected or inexplicable server crashes, frequent slowdowns in service, or frequent queries from the same IP are good indications that a DDoS attack is either in the offing or happening in real time.

As a company’s digital footprint and its customer’s experience become more and more crucial to commercial success, safeguarding your digital content is more important than ever before. Implementing these solutions will help safeguard your digital content to ensure a seamless experience for customers and safeguard your brand reputation.