This month, we’re highlighting SQL injection attacks, an emerging tactic that is becoming increasingly popular among hackers. We’ve seen a recent rise in mass attacks and all signs point to the fact that we’re likely to see more to come. Find out what you need to know in order to stay safe as you surf.
Understanding the Threat
SQL, which stands for Structured Query Language, is a database computer language for retrieving data and managing database systems. Nearly all websites that host personal or product data rely on a database to manage information; this includes social networking, e-commerce, and online banking sites.
An SQL injection is a web attack technique used by hackers to compromise servers. Unknown to the website’s host, the hacker can insert malicious code, infecting any visitors to the site. To put it in simple terms, compromised material on legitimate websites is being used as a means to infect users with malicious content.
This method is one to watch for as an attack on a single, popular server is capable of serving the hacker’s content to millions of visitors. Attacks on websites may be increasing because of the ease at which cyber thieves can carry them off; the scammers need only scan the sites for coding flaws and then redirect the web viewer to a malware source.
The threat level posed by SQL attacks has recently been underscored by the trusted Sans Institute, which listed Web application security exploits, like SQL injections, as one of this year’s top emerging attack patterns.
“Until 2007 few criminals attacked these vulnerable sites because other attack vectors were more likely to lead to an advantage in unauthorized economic or information access. Increasingly, however, advances in XSS and other attacks have demonstrated that criminals looking for financial gain can exploit vulnerabilities resulting from web programming errors as new ways of penetrating important organizations,” according to the Sans Institute’s Top Ten Cyber Security Menaces for 2008 report.
The Bad Behavior
As forecasted, we have seen a growing trend in recent months – an increase in indirect attacks carried out though compromised websites. Hundreds of thousands of websites, some of them brand name and well-known sites, have been injected and are now unknowingly serving up malware.
How do you get infected? To carry out this type of attack, hackers take advantage of incorrectly coded web applications by injecting SQL commands. Vulnerable web pages are compromised and installed with code that redirects visitors to a malicious website or malicious content.
As is the case with countering most online threats, it’s always best to practice caution while online. But safe surfing may not be enough to combat this technique because attacks are often carried out on legitimate and trusted sites.
Here are a few winning strategies to help prevent infection:
- Be leery of links from unknown origin.
- Patch your operating system and other applications.
- Use up-to-date, real-time anti-spyware and anti-virus protection, along with a firewall.