The Inexorable Rise of Website Forgery and Tampering Attacks

There were numerous incidents over the past few years where personal information was leaked through phishing websites, a website intended for forgery and tampering attacks. In particular, website portals with a large number of users, as well as government agencies, and financial institution websites are suffering enormously from phishing and pharming attempts.


According to Kaspersky, the number of worldwide phishing attacks detected hit 129.9 million during the second quarter of 2019 and is expected to rise dramatically over the years to come. Phishing websites are even harder to block because they tend to forge and tamper with the contents and initial systems of the website regardless of the system administrator’s intentions.


Once attacks have been attempted, it is necessary to pay further attention to financial damages. Below are some examples of the attacks and countermeasures to prevent them. 


Website-related Attacks 


1. Packet Crafting Attack 


Packet crafting attacks are one of the quieter of attacks and hackers attack during data exchanges. Normally, when a user makes a request to the server, however, abnormal access to the data when sending a response is a packet crafting attack. The crucial fact is that website administrators and users usually unaware of this attack when it occurs. 


2. Cross Site Scripting (XSS) 


An attack technique involving the insertion of malicious scripts into forum posts or emails to cause other users to perform some involuntary action. For example, if a hacker posts a message that includes code that will behave maliciously in the server, the moment a user views the message, the code will be automatically executed to extract the user information for the hacker.


3. SQL Injection


An injection technique capable of compromising databases by allowing an attacker to manipulate client input values or variables in poorly secured web pages to execute unauthorized SQL queries. Besides being one of the most common forms of attack, SQL Injection attacks can also cause massive data leaks.


In addition to these attacks, there are Spoofing, Man in the Middle Attack, Session Jacking Attack which is commonly attempted by hackers. 


Real Cases

The Largest Cyberattack in the Country of Georgia in 2019 

Thousands of websites in Georgia including state organizations and two major broadcasters (Imedi TV and Maestro) have been hacked by a massive cyberattack.


Approximately, more than 2,000 websites were shut down and 15,000 pages were reported to be affected by this attack. It is estimated that the hacking was aimed to attack the vulnerabilities of the websites. Read more about the attack here


Hacking Incident of a YouTube Music Video of 5 Billion Views in 2018 


The YouTube channel ‘VEVO’ which has various music videos of trending singers was hacked back in April 2018. The music video of Despacito turned into a picture of people wearing masks and holding guns – not only it affected this video but also Drake and Taylor Swift’s. 


Source: The Verge


Security Countermeasures and Prevention 


Countermeasures against website forgery and tampering attacks can be explained within two categories: website administrators and general users. 


Website Administrators: 


  • Keep all your programs and plugins up-to-date
  • Collect and analyze vulnerability information on web application
  • Manage FTF (File Transfer Protocol) such as login ID/PW 
  • Use WAF (Web Application Firewall) to block threats and check abnormal changes in contents 


General Users: 


  • Keep your OS up-to-date
  • Install security software and keep up-to-date
  • Avoid any free or untrusted software and website access 


Web application firewalls block attacks such as SQL injection and XSS. Moreover, it prevents the forgery and tampering attacks of websites as well as malware from being uploaded to internal servers.


Also, by preventing the leakage of any information, it can also be used to protect other assets, prevent further fraudulent login attempts, forgery, and of course, tampering attacks aimed at the website. 


All WAFs have functional differences. The abovementioned functions are the essentials. With accurate detections of new types of attacks, it can help with the safety of the website tremendously.


Penta Security offers yearly reports on WATT (Web Application Threat Trend) and analyzes real web application threat data collected by WAPPLES. It’s a comprehensive report of attack trends and patterns compiled and the purpose is to not only identify and predict future web attack patterns but also to apply the trends and patterns to WAPPLES patented logic-based detection engine.


Website forgery and tampering attacks range from for-profit purposes, for undermining the brand value of other companies, or even for political purposes. It gets even worse when the government itself is targeted, just like in the Country of Georgia in 2019. As diverse as it gets, it can occur in any sector and in any size.


Website administrators must take countermeasures to prevent cyberattacks and to minimize the damages, while general users take to protect their personal information and their PCs from hackings.