County Councils of Ireland & Great Britain are in need of a clean web experience
for their website consumers. Thousands of users access these websites every day for
simple up to date content relating to their region and surroundings. So why they are
security risks, they are a malicious advertisers dream audience. Local and semi local
regions have hundreds of businesses/events/products on with advertising contracts, with
a specified target market that does not even need to be categorized, because 99% of the
audience are in fact the target market.
My Neighbour would do this to me?
Of course not, but advertisers need statistics to show that they are capable of providing
the product cover required for their customers. There has been many cases found and
hundreds more never found that show councils been at the wrong end of a publicity
battle over misleading and inappropriate website advertisements that were secretly
inserted directly into the database or source code on the webpage. Typically done
through Javascript, these advertisements cannot be traced as they use aliases to
encrypt their links, such as www.tinyurl.com which is a very handy service for
shortening website addresses. Websites such tinyURL are very popular, WebSafe uses this technology in parallel with twitter and similar social platforms.
How to Stop It
The only way to stop this type of attack, is to find out if it is possible, then seal up
the gap. WebSafe do many manually and automatic tests that include server side code
execution, SQL Injection and Javascript execution to try and interact with the targeted
websites Database and physical files. After this WebSafe will provide a solution based
on the case where there could be hundreds of possibilities.
Be sure to check out What We Test For and What You Need To Do
Author:
James Snipes,
Software Developer & Network Analyst
Contact James through our
Contact Us Page