"Of the applications, Web sites, and services hosted on
the Web, more than a fair share will experience some sort of
mischief at the hands of a hacker intent on carrying out some sort
of attack. To keep things short and sweet, I can easily say that
although "The Truth may not be out there," people looking to
deface, crack, exploit, break, steal, or otherwise mess with your
site and application are.
"Unfortunately, an increasingly sophisticated and hostile
environment exists in today's Internet. In the case of those
looking to harm your application, you have several things to
consider. Basically, attackers have a lot of advantages that you as
a defender don't. For example, attackers have a whole underground
dedicated to sharing information as well as a (un)healthy desire to
team up and create all sorts of havoc. Accentuating the threat is
the fact that those wishing to "have a little fun" with your
application have nearly limitless time, money, and resources.
Couple these advantages with a questionable set of ethics, and the
threat is even larger. Never underestimate or lose respect for
those looking to do you harm: You do so at your own peril.
"How likely are you to become a target? Well, the statistics can
give one pause. Depending on the application's popularity, attacks
can range from only a few an hour to several hundred or thousand in
the same time period. In fact, the time to actually become a target
of an attack or an attempted attack can be only moments after an
application goes online and becomes available to the world. On
average, a hosted application exposed to the Internet can
experience over 400,000 different attack attempts (of varying
degrees) over a one-week period."