According to reports, hackers used the SQL injection method and remote file inclusion to attackDomino's website. It's notable that the remote file inclusion is one of the most common methods used by hackers to breach web databases. With this method, database of a website is tricked into disclosing data that should have been hidden by ‘injecting’ certain commands.
“Once hacked, all the website can do is fortify its webserver and make some configuration changes that are not too costly. But it’s very hard to absolutely secure a website from the numerous attack tools available,” Govind Rammurthy, managing director and chief executive of eScan, is quoted as saying by Business Standard.
It's not the first time an Indian website has fallen prey to the hackers. Earlier, a number of websites including those of the government, political parties and private companies have suffered major defacement. It may be recalled that notorious hackers group Anonymous conducted a spate of attacks on the Indian websites to protest the blocking of file sharing websites such as Daily Motion, Pastebin, Vimeo, The Pirate Bay, and others.
Recently, Yahoo and LinkedIn also suffered major data breaches.
“Most websites, especially government sites, have little or no security protection. Second, these don’t even have dedicated security professionals to manage the website and keep protect these from targeted attacks,” says Independent security professional Ankit Fadia.
Source: Business Standard
No comments:
Post a Comment