SQL Injection Attacks, A Growing Menace
Cisco, in its worldwide threat report (Q2-2010), discloses that there has been a significant rise in IPS SQL injection attacks during the 3-months time when websites, hijacked through SQL insertions, surged.
The report as well states that there was a reappearance of Asprox SQL-injection assaults in June 2010 following an almost 6 months of dormancy.
An SQL insertion assault involves distorted SQL statements that try to suppress the actual behavior while making the SQL server to improperly respond to the statement. SQL servers which don't correctly confirm input data as well as purify output data may become subject to different forms of SQL-injection assaults.
And if the attacks are successful, it can result in various compromise situations like malware execution, database content alteration, personal information leakage, or SQL server compromise.
Meanwhile, as per the collected data, during Q1-2010, search engine requests were responsible for 7.4% of the total malware attacks on the Web, whereas 'Search Engine Results Page' (SERP) attacks that occurred in return for genuine search engine requests were responsible for more than 90% of the total Asprox attacks.
Said senior security researcher Mary Landesman at Cisco, the above finding was a highly interesting part of the report since malware attacks on the Web had grown while study revealed that servers were being hijacked due to SQL server flaws. SCMagazine published this on September 6, 2010.
The researcher further stated that SQL attacks reappeared in June 2010; however, the source of the future surge in SQL injections could be forecasted based on the company's statistics.
It (Cisco) further disclosed that attackers didn't just seek flawed SQL servers as a favorable target during Q2-2010. For, Cisco's observation of IPS SQL injections suggests that reconnaissance removals that may be because of network mapping too rose during Q2-2010.
So given these attacks, security investigators think that the current time is the best time towards reviving certain best practices that are essential for lessening the dangers related to SQL injection assaults and stopping bulk injections. These practices, which aren't revolutionary, though, clearly are not being implemented at the rate of extensiveness that's necessary, they say.
Related article: SoCal Computer Hack Traces to Watsonville
» SPAMfighter News - 11-09-2010