Hackers Feast on SQL Injection Exploits
A review of major data breach incidents in the past year found that most hackers used SQL injection to infiltrate enterprise networks.
Hackers used SQL injection tactics to access corporate networks in 60 percent of significant data breach incidents reviewed by 7Safe, a leading computer security and forensics consulting firm in London.
SQL injection attacks, which target vulnerable code in the database layer, have long been a nightmare for IT administrators because they're extremely difficult to defend against in a live production environment and often require multiple patches to the installed database software.
E-commerce sites and online banking customers in December learned just how painful these new and increasingly complex SQL injection attacks can be. A new variant contaminated more than 125,000 Web sites with a Trojan known to harvest credit card and other banking information.
7Safe and the University of Bedfordshire teamed up to review the security breaches and write the comprehensive data breach report. The authors analyzed anonymized data from more than 60 significant computer forensic investigations, looking for similarities, differences and the methodology used by the perpetrators.
"Compared with many existing studies that are based purely on survey data, this report reveals what is really happening in the UK," 7Safe CEO Alan Phillips said in the report. "To my knowledge, this report is the first of its kind in the UK, and many businesses will find the results very interesting."
The review found that 36 percent of the cyber attacks on UK-based organizations originated in Vietnam, with the U.S. trailing at 29 percent.
Sixty-nine percent of the data breaches occurred in the retail sector and payment card information was stolen in 85 percent of all the cases.
The 7Safe study jives with surveys conducted by other security-monitoring organizations and security software vendors.
According to the Anti-Phishing Working Group (APWG), hackers were executing phishing scams and hijacking Web sites at a record pace throughout 2009, with no signs of slowing in the new year.
APWG researchers working at Panda Labs' research lab counted more than 152,000 different strains of bogus anti-malware apps in June, up from slightly more than 22,000 such applications in January 2009. It also found that more than 11.9 million computers were infected in the first half of 2009, up a staggering 66 percent from the same period in 2008.
7Safe officials said that more than 80 percent of all data breaches came from outside the company and defined 73 percent of these attacks as "unsophisticated."
However, while analysts say the most sophisticated attacks are fairly rare, they result in the greatest losses. Hacks requiring the most advanced skills accounted for 95 percent of all compromised records, according to the report.
Not surprisingly, 86 percent of the attacks were consummated through Web applications, a trend that vendors like Microsoft and Adobe are desperately trying to reverse.
Last month, Adobe released a critical patch for its Acrobat Reader and Acrobat applications after seeing a tremendous spike in attacks throughout December.
January 13, 2010
Adobe finally released its cross-platform fixes for zero-day vulnerabilities in its popular Reader and Acrobat applications.