Critical Thinking Assignment 5-4 PDF

Title Critical Thinking Assignment 5-4
Author Dallas Rosenthal
Course Applications in Information Security
Institution State College of Florida, Manatee-Sarasota
Pages 2
File Size 55.6 KB
File Type PDF



Description

Critical Thinking 5-4: SQL Injection Attacks

Assignment prompt: SQL injection attacks continue to be a significant attack vector for threat actors. Use the Internet to research these attacks. What are some recent attacks that have been initiated by SQL injection? How were they conducted? What defenses are there against them? Write a one-page paper on your research.

SQL (Structured Query Language) is the standardized language used to query and manipulate relational databases; applications use it to retrieve, update and delete records and to build the data views each user sees. SQL injection is a common attack vector in which an attacker supplies input that is incorporated into a SQL statement without proper handling, so that the input changes the structure of the query instead of being treated as data. The attacker can then read information the application never intended to display, or manipulate the backend database directly. The weakness lies in the application code that builds the query from unvalidated input, not in the database engine itself.

One of the most notable SQL injection campaigns involved numerous companies and a small gang of Russian cybercriminals. The gang targeted companies including NASDAQ, 7-Eleven, Carrefour, JCP, Hannaford, Heartland, Wet Seal, Commidea, Dexia, JetBlue, Dow Jones, Euronet, Visa Jordan, Global Payment, Diners Singapore and Ingenicard. After penetrating the networks, the attackers avoided detection by altering settings on the victims' systems so that security mechanisms could not log their actions, or by finding ways to slip past the security software entirely. They turned the stolen card numbers and associated financial data into profit by selling the data through online forums or directly to individuals and organizations. The purchasers then encoded each data dump onto the magnetic stripe of a blank plastic card and cashed out by withdrawing money from ATMs or making purchases with the cards.

There are several effective ways to prevent SQL injection attacks, and to limit the damage should one occur.
The first step is input validation: writing code that recognises and rejects illegitimate user input. Validation is not a silver bullet, however, because legitimate input (a surname such as O'Brien, for example) can contain the same characters an attacker uses. The most reliable defense, and the one OWASP recommends first, is never to build SQL statements by concatenating user input: use parameterized queries (prepared statements), in which the query structure is fixed and user-supplied values are bound separately, so they are always treated as data and can never alter the statement. Beyond that, you should reduce your exposure as far as possible, for instance by running the application's database account with the least privilege it needs, so that a successful injection cannot read or modify tables the application never touches.

A quick and easy approach is to match common SQL keywords in URLs and simply block those requests, but this does not protect against everything. Injection payloads can just as easily arrive in POST bodies, cookies, headers or the path segments of RESTful URLs, and simple keyword matching is defeated by changes of case, inline comments and encoding. A web application firewall (WAF) is therefore commonly deployed to filter SQL injection along with other web-based threats. To do so, a WAF typically relies on a large and constantly updated list of carefully crafted signatures that let it pick malicious SQL out of incoming requests. The signature set must be kept current, and because signature matching can be evaded by obfuscation, a WAF should be treated as an additional layer of defense rather than a substitute for parameterized queries in the application itself.

Sources:
https://www.incapsula.com/web-application-security/sql-injection.html
https://www.acunetix.com/websitesecurity/sql-injection/
https://www.veracode.com/security/sql-injection
https://www.netsparker.com/blog/web-security/sql-injection-vulnerability/
https://www.owasp.org/index.php/SQL_Injection
https://nakedsecurity.sophos.com/2018/02/19/hackers-sentenced-for-sqlinjections-that-cost-300-million/
...
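As an added illustration (example code written for this page, not part of the original paper or of any of the cited sources), the following Python script builds a small in-memory SQLite database with constructed sample users and demonstrates three points from the defenses above: a lookup that splices user input straight into the query string, the same lookup written as a parameterized query, and a naive keyword blocklist of the kind described for URL filtering, which catches the plain payload but not a comment-obfuscated variant that still succeeds against the concatenated query. The table, the sample rows, the function names and the blocklist are all assumptions made for the example.

```python
import sqlite3

# Constructed sample data for the example; not from the original paper.
SAMPLE_USERS = [
    ("alice", "alice@example.com"),
    ("bob", "bob@example.com"),
    ("carol", "carol@example.com"),
]


def make_db():
    """Create an in-memory SQLite database with a hypothetical users table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, email TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", SAMPLE_USERS)
    conn.commit()
    return conn


def vulnerable_lookup(conn, username):
    """Vulnerable: the user-supplied value becomes part of the SQL text.

    A value such as  ' OR '1'='1  turns the WHERE clause into a tautology
    and the query returns every row instead of one.
    """
    sql = "SELECT username, email FROM users WHERE username = '" + username + "'"
    return conn.execute(sql).fetchall()


def safe_lookup(conn, username):
    """Parameterized: the query structure is fixed; the driver binds the value.

    Whatever the user sends is compared as a literal string and can never
    change the statement, so the injection payload simply matches no row.
    """
    sql = "SELECT username, email FROM users WHERE username = ?"
    return conn.execute(sql, (username,)).fetchall()


def naive_keyword_block(value):
    """Hypothetical keyword blocklist, the 'match common SQL keywords' idea.

    Splits the input on whitespace (after treating quotes as separators)
    and blocks the request if any token is a known SQL keyword. Returns
    True when the request should be blocked. It is deliberately simplistic
    to show how little such a filter buys on its own.
    """
    blocked = ("SELECT", "UNION", "OR", "AND", "--", "DROP")
    tokens = value.upper().replace("'", " ").split()
    return any(keyword in tokens for keyword in blocked)


# Two payloads: the textbook one and a variant that replaces the space after
# OR with an empty SQL block comment, which SQLite treats as whitespace.
PLAIN_PAYLOAD = "' OR '1'='1"
OBFUSCATED_PAYLOAD = "' OR/**/'1'='1"


def run_demo():
    conn = make_db()
    results = {
        "vulnerable_plain": len(vulnerable_lookup(conn, PLAIN_PAYLOAD)),
        "vulnerable_obfuscated": len(vulnerable_lookup(conn, OBFUSCATED_PAYLOAD)),
        "safe_plain": len(safe_lookup(conn, PLAIN_PAYLOAD)),
        "safe_legit": safe_lookup(conn, "alice"),
        "filter_blocks_plain": naive_keyword_block(PLAIN_PAYLOAD),
        "filter_blocks_obfuscated": naive_keyword_block(OBFUSCATED_PAYLOAD),
    }
    return results


if __name__ == "__main__":
    for name, value in run_demo().items():
        print(f"{name}: {value}")
```

Running the script shows the concatenated query returning all three rows for both payloads, the parameterized query returning none for either payload while still finding the legitimate user, and the keyword filter blocking only the plain payload. The obfuscated payload that slips past the filter is exactly as effective against the vulnerable query, which is why the keyword match is at best a supplementary control.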

