Why are big sites like CBS.com still getting hacked?
I'm trying to figure out how the websites of big companies are still getting compromised and defaced. Many of the attacks don't seem that sophisticated. . . thought this community might be able to help clarify. Thanks
8 comments
[ 2.6 ms ] story [ 30.5 ms ] threadThe mistake could be anything from an insecure form input parser, through to not updating your web server to the latest update.
Once one hacker finds that vulnerability, it looks like it's an easy thing to do to take down or modify the side, but the finding of it can be extremely time consuming.
On the other side, look at who didn't go down in the recent Anonymous attacks - CBS and Universal Music went down, but Sony, EMI, Warner, etc, remained up.
Anonymous only had to find a couple of major relevant corporations that were vulnerable to make a big impact, it doesn't matter that the other dozens (100s?) of suitable targets were more secure.
The difficulty of having a hot backup is preventing a hacker repeating their attack immediately after you fail over.
All this leaves big windows of opportunity for attacks.