Advanced monitoring key to thwarting SQL injections
A spike in SQL injection attacks has caused enterprises to re-consider security measures to prevent a devastating breach from poor database monitoring.
International Business Times reported that after Yahoo experienced one such attack at the end of last year, security professionals began to focus on vulnerabilities due to third-party code. Hackers are increasingly exploiting these loopholes to gain access to the database, steal information and exercise complete control of all systems.
FireHost’s recent report on the “Superfecta” of major cyber-attacks revealed that Cross-Site Scripting and SQL injection occurrences like Yahoo’s have been on the rise since the third quarter of last year. In fact, instances of cross-site scripting increased by approximately 160 percent in the final three months of 2012. Chris Hinkley, senior security engineer at FireHost, commented on the study’s implications.
“The change in frequency of the types of attack between quarters gives you an idea of how cyber-criminals are constantly working to identify the path of least resistance,” he explained. “This is why it is important to have an understanding of the kind of traffic that is accessing your hosted infrastructure, so that you can make sure that malicious traffic is diverted and that there is less risk to sensitive data.”
Security requires continual supervision
A major reason for SQL injection susceptibility is many enterprises with cloud-based servers still have no logging capabilities for file exchange. David Gibson, vice president of strategy at Varonis, told the source that this lack of visibility into the network keeps businesses blind to impending threats.
“We have found that, after a workload is virtualized, the actual details of managing file permissions and monitoring access is considered to be automatically ‘taken care of,’ ” he said. “It is also quite possible that the teams managing virtualization projects see file security and governance as outside their discipline. The security team may have no visibility of what is happening.”
While virtualizing systems undoubtedly gives enterprise employees flexibility in accessing business-critical data, without remote support, the database is vulnerable to continually diversifying SQL injection attacks. Enterprises can utilize database administration services to constantly monitor the SQL database, as well as set permission controls for file access to grant the advantages to cloud hosting without the risk of attack.