according to the network hacker attacks database (Web Hacking Incidents Database, initiated by the Web application security consortium WASC) the annual report information display, the biggest motivation to steal money or steal data is still not hackers, although in recent years involving data theft attacks significantly rising trend."Although
economic benefit is undoubtedly the main driving force of network attack, but we cannot neglect the ideology of the attack," the survey sponsored by the California security software provider Breach Security company (supported by WASC) the results showed that.
Although there have been hundreds of thousands of
sites from the 2008 attacks, the investigation of these accidents analysis carried out strict screening: researchers can only study that is publicly disclosed, involving the application of security issues and has a serious impact on the site of the attack attack accident. These requirements allow researchers to focus on the potential business impact of the attack and the technical problems that cause the attack
study found that most are derogatory attack site is "the political nature of the political parties, political candidates and government departments" website design, cultural conflicts and other problems, such as the Islamic attack western sites.
report shows that the attacker’s second most common attack is to steal critical information, there are 57 attacks from the accident (19%) is for this purpose. Followed by the implantation of malicious software, a total of 9 (16%), and for the purpose of causing the loss of money for the attack time accounted for 13%, a total of up to 7.
is the most common mode of attack is SQL injection attacks, the attacker will command input form web or URLs to steal information from the database or in the website of malicious programs, to infect computer users to access the site. The report found that 57 cases of accidents (30%) use the SQL injection attack ().
2008, using automatic tools to explore SQL injection attacks do defense measures website attacks set off a wave of attacks, at the same time, security vendors estimate that there were about 500000 sites under attack.
told us that these attacks, SQL injection attacks have replaced XSS attacks become the most commonly used attack site attacks, cross site scripting errors more easily than SQL injection was found, but this attack is difficult for attackers to obtain economic benefits.