Read Time: 2 Minutes
Simply put, servers face the same vulnerabilities and threats than workstations – i.e. software vulnerabilities and exploits, software misconfigurations, and credential leakage. However, due to their often critical role in the company IT infrastructure, they might be harder to protect, as the attackers are interactive, and willing to put some effort into breaking into servers.
The UConn’s School of Engineering, for example, found this to be true when apparently Chinese attackers hit the university. The school’s IT employees discovered malicious software on a number of servers that are part of the school’s technical infrastructure. This software potentially compromised data residing on these servers, including sensitive information pertaining to research and individual communications.
Typical cyber-attacks against servers include, for example:
- code execution attacks, where the attacker is able to feed bad data and take over a service, after which they can write files and run programs
- SQL and other query injections, where the attacker is able to give commands to the database server e.g. to read all data on the server or modify it
- cross-site scripting, where the attacker is able to feed the victim a link, which changes the behavior of your web service.
There are many ways to protect servers from cyber-attacks. However, in the end, your best defense is to limit the attacker’s options. You can do this by minimizing the possible entry points into your network, by minimizing the tools available on the server, by making the data difficult to access in various ways, and by making the data useless when extracted from the content.
Learn more about the ways to defend servers from this video:
More cyber security information in the upcoming webinars:
|15 October 2015 at 11.00 EET||Defending the network|
|9 November 2015 at 11.00 EET||Responding to an incident|
|3 December 2015 at 11.00 EET||Building secure systems|
In case you missed the earlier webinars, check out the recordings here:
Download the “Defending servers” presentation slides or learn more at our SlideShare page.