What risks do Web and database attacks create for an organiz

What risks do Web and database attacks create for an organization?

What harm could a successful attack result in?

Solution

Risks of web and database attacks:

Spoofing: It is the process of imitating other user or process to carry out a task or recover information that is not allowed. An attacker could use a crafted HTTP request having the session id information from other user and recover the users account information which is under attack.

Repudiation: In order to bind a detailed action of a single user, applications must have logical repudiation controls like web access, verification, and database transaction logs. Without confirming the logs, online web application users could easily maintain that they did not transfer equities from one account to an external account of another. Otherwise all online agents would be required to reimburse the client for the missing funds.

Information Disclosure: Information disclosure is one of the major threats to big organizations who maintain private information about the customer base. When attackers are skilled in revealing private information about a user or users of a website, consumer assurance in that organization will be spoiled causing loss in sales, stock price.

Denial of service: These attacks are probably the most well known of all application attacks, frequently produced by malicious users, competitors or script teenager.