In the last decade, millions of people have accessed the Web to communicate and conduct business with their customers. This includes the use of web-based apps that collect and store data such as customer information that is submitted via content management systems shopping carts and inquiry forms and login fields.

These applications are typically accessible via the Internet and can be hacked to exploit vulnerabilities within the application, or in its infrastructure. For instance, SQL injection attacks (which exploit weaknesses in the database) can lead to compromised databases that contain sensitive information. Attackers may also use a foothold gained by breaching the security of a Web application to identify and access other, more vulnerable systems on your network.

Other commonly used Web attacks include Cross Site Scripting attacks (XSS) which exploit flaws in the web server to inject malicious code into web pages, it executes as an infected program in the victim’s browser. This lets attackers gain access to confidential information, or redirect the user to websites that are phishing. Web forums, message boards, and blogs are particularly vulnerable to XSS attacks.

Distributed denial of service attacks (DDoS) involve hackers joining together to pummel a website with more requests than it can field. This can cause the web page to lag or even stop functioning altogether and impede its ability to handle requests, rendering it unusable for everyone. This is why DDoS attacks can be especially damaging for small businesses that rely on their websites for operations for their business, such as local bakeries or restaurants.