The Most Common Reason a Hacker Attacks Your PHP Applications
Codementor PHP Expert Ben Edmunds sat in with us for Office Hours to talk about building modern and secure PHP applications. One of the questions asked was about the main goal of hackers—to acquire data or to cause damage for the sake of it.
The text below is a summary done by the Codementor team and may vary from the original video and if you see any issues, please let us know!
What are the Most Common Reason a Hacker Attacks your Applications? Is it to Acquire the Data, or is it just for the Sake of It?
The reason really depends on the type of your applications. For example, if you collect credit cards, usually it will be for the data, as that’s how most credit cards get hacked. If there was no proper encryption or handling of the credit card information, then you can pull it out of the database, which is a pretty big motivator since you can make a ton of money that way.
Another issue is you might want to factor in the “malicious user” may be a security expert who wants a name for themselves by hacking your website and writing a blog post about how they hacked your website. There could also be just a fifteen year old kid who just downloaded firesheep and figured they could watch people’s internet traffic because you didn’t use HTTPS.
There are a lot of varieties, but if you’re handling sensitive data, I would totally be more worried about the data. After all, in the end it’s not going to ruin someone’s life if their twitter account gets hacked, but it could if their bank account did. Therefore, just put up your security depending on how sensitive you think your data is, though there’s also nothing wrong with being more secure than you need to be, if that’s even possible.
Other posts in this series with Ben Edmunds:
- Tutorial: Building Modern & Secure PHP Applications
- Should PHP developers Also Handle DevOps?
- Tutorial: The Best Way to Store Passwords in a Database
- Q&A With PHP Security Expert Ben Edmunds
Need Ben’s help? Book a 1-on-1 session!