Tolstoy wrote that happy families are all alike, while every unhappy family is unhappy in its own way. Something like the opposite might be said for Web sites. Many of the Web's millions of insecure pages can be hacked with just one or two tricks. But patching the bugs in each of those vulnerable sites requires a unique solution.
Case in point: Last month, a single attack ripped through the Web, infecting more than half a million sites including those of the Department of Homeland Security, the United Nations and the British Government. Using Google searches, the attackers' software--written partly in Chinese characters--identified sites vulnerable to a hacking technique called SQL injection and infected them en masse with malware designed to steal the bank codes of the sites' visitors.
