It’s no surprise that the majority of these attacks are web-based because every website is different and written by different developers with varied skill sets, said Shawn Smith, director of infrastructure at nVisium. Combine this with the reality that not all developers are security gurus, and hackers have an incredibly alluring target.
“Web servers are one of the most common services to expose to the internet because the majority of the world interacts with the internet through websites,” Smith said. “There are other areas exposed — like FTP or IRC servers — but the vast majority of the world uses websites as their main contact point to the internet. As a result, this is where attackers will focus to get the biggest return on investment for their time spent.”