The Business Times

Attacks on websites a wake-up call for Singapore: McAfee

Published Sun, Nov 24, 2013 · 10:00 PM
Share this article.

THE recent spate of attacks on websites in Singapore may have organisations looking harder at their cyber defences but Michael Sentonas, McAfee's vice-president and chief technology officer for Asia Pacific, says there is no need to make a beeline for next-generation security products.

"This is a good wake-up call. The threat is very real and is something that organisations need to take very seriously. Many of the techniques that have been used to penetrate networks are not new. The average attacker does not have to do anything new," he said, pointing to techniques such as cross-site scripting and SQL injection that were used in some of the attacks.

A basic example of cross-site scripting is when an attacker injects a script in a legitimate site URL which then redirects a user to a fake but identical page. The attacker can then hijack the user's session. In SQL injection, code is injected into a data-driven web server that allows the attacker to gain access to the contents of a database.

BT is now on Telegram!

For daily updates on weekdays and specially selected content for the weekend. Subscribe to



Get the latest coverage and full access to all BT premium content.


Browse corporate subscription here