Starting in the year 2014, people've seen an increasing number of cyberattacks targeting all sorts of organizations. These have cost the US economy billions of dollars and exposed the private data of millions of individuals. While most of them are designed to steal trade secrets, credit card information, or even celebrities' personal information, there are still other attacks targeting individuals and small organizations with the sole goal of spreading malware and promoting shady businesses. This is URL injection. The big lesson they learned from this experience is the need for a healthy cross-departmental collaboration. Teaming up with the main IT and security departments should have been requested from the beginning, even if it meant delaying the project a few more weeks or even months. But thanks to their alertness and expertise, we avoided the worst. One month after the incident, they had the Web site running and secure again. Another lesson learned is the necessity to ensure that the test environment reflects the live environment.
Reproduced with permission of the copyright owner. Further reproduction or distribution is prohibited without permission.