The number of attacks targeting web databases has reached a record high this year as hackers view them as “a pot of honey” filled with financial and personal information of users.
Security firm SecureWorks reports that it has detected up to 8,000 attacks on databases each day. This figure has increased by an average of 100 to 200 attacks per day compared to the numbers from the first three months of the year.
SecureWorks’ statistics are compiled from the database systems of over 1,300 clients using the company’s security service solutions.
SecureWorks indicated that hackers, primarily utilizing computers from Russia, China, Brazil, Hungary, and South Korea, are employing a common method known as SQL Injection in their attacks on databases.
Jon Ramsey, the Chief Technology Engineer at SecureWorks, stated that hackers first use Google to search for websites that contain active input forms. This serves as a lead for them to submit information into the target database.
Meanwhile, many web applications often do not validate input data from these forms. This oversight allows hackers to inject malicious SQL commands into the database. Consequently, hackers can use tools to extract information from specific tables and columns within the database.
The next step in the database attack involves hackers injecting commands that control the database server to download additional software from the Internet, granting them higher levels of access to the target.
SQL Injection attacks are highly targeted, typically focusing on a single objective for each attack. Hence, such attacks often do not garner widespread attention like viruses or computer worms.
Unimaginable Damage
Despite their subtlety, the damage caused by these attacks is significant. If a database server is compromised by hackers, a vast amount of users’ personal financial information could fall into their hands. If successful, the information obtained by hackers can far exceed that gained through phishing attacks. Hackers do not need to go through the trouble of impersonating others to trick users into providing financial personal information. The success rate of SQL Injection attacks is typically very high.
“We are not in the era of computer worms; we are in the era of zero-day vulnerabilities and highly targeted attacks,” Ramsey asserts.
Businesses must seriously reassess the security of their database systems before becoming victims of SQL Injection attacks.
Visa International and MasterCard International are currently revising their security protocols for credit card payment acceptance to combat SQL Injection attacks.
One of the most famous SQL Injection attacks occurred against CardSystems Solutions, a company specializing in payment card database storage. Hackers used SQL Injection to gain control of CardSystems’ database system and extract the entire database. Approximately 40 million credit card numbers were compromised, resulting in millions of dollars in damages.
Hoàng Dũng
