Imperva Research Details New Search Engine Hack Innovation

Hackers Bypass Google Security to Execute 80,000 Daily Queries For Cyber Reconnaissance

Aug 16, 2011, 04:00 ET from Imperva

REDWOOD CITY, Calif., Aug. 16, 2011 /PRNewswire/ -- Imperva, a pioneer and leader of a new category of data security solutions for high-value business data in the data center, today released the latest research from its Hacker Intelligence Initiative (HII). The August 2011 HII Report details how hackers are leveraging the power of search engines, like Google, to successfully carry out automated cyber attacks against vulnerable websites.

Dubbed "Google Hacking," hackers armed with a browser and specially crafted search queries ("Dorks"), are using botnets to generate more than 80,000 daily queries, identify potential attack targets and build an accurate picture of the resources within that server that are potentially exposed. By automating the query and result parsing, the attacker can carry out a large number of search queries, examine the returned results and get a filtered list of potentially exploitable sites in a very short time and with minimal effort. Because searches are conducted using botnets, and not the hacker's IP address, the attacker's identity remains concealed.

"Hackers have become experts at using Google to create a map of hackable targets on the Web.  This cyber reconnaissance allows hackers to be more productive when it comes to targeting attacks which may lead to contaminated web sites, data theft, data modification, or even a compromise of company servers," explained Imperva's CTO, Amachai Shulman. "These attacks highlight that search engine providers are need to do more to prevent attackers from taking advantage of their platforms."

Report highlights include:

  • Detailed steps on how an industrialized botnet attack is carried out;
  • Deep dive into a specific botnet attack on a popular search engine observed from May 2011 to June 2011 where the volume of attack traffic was significant: nearly 550,000 queries (up to 81,000 daily queries, and 22,000 daily queries on average) were requested during the observation period.
  • Recommendations for search engine providers to combat these attacks
  • Recommendations for businesses to protect vulnerable applications

The August 2011 HII Report can be downloaded here and further insight can be found on Imperva's blog.

About Imperva

Imperva is a pioneer and leader of a new category of data security solutions for high-value business data in the data center. With more than 1,300 end-user customers and thousands of organizations protected through cloud-based deployments, Imperva's customers include leading enterprises, government organizations, and managed service providers who rely on Imperva to prevent sensitive data theft from hackers and insiders. The award-winning Imperva SecureSphere identifies and secures high-value data across file systems, web applications and databases. For more information, visit, follow us on Twitter or visit our blog.

Media Contact:
Katherine Nellums

SOURCE Imperva