Sharp rise in SQL injections
FireHost revealed the latest statistical analysis of attacks successfully blocked by its servers. During the period of April to June 2012, web applications, databases and websites spread across 33 countries worldwide experienced a total of 17 million cyber attacks, of which more than two million were categorized as the most serious kind of attack, the Superfecta.
The Superfecta is a group of four attack types considered by FireHost as being the most malicious and dangerous – they are Cross-site Scripting (XSS), Directory Traversals, SQL Injections, and Cross-site Request Forgery (CSRF).
One of the most significant changes in attack traffic seen between Q1 and Q2 2012 was a 69% increase in SQL Injection attacks. Rising from 277,770 blocked attacks in the first quarter, to 469,983 between April and June, this type of attack is frequently cited as an attack vector of choice for data thieves.
“Many, many sites have lost customer data in this way,” said Chris Hinkley, Senior Security Engineer at FireHost. “SQL Injection attacks are often automated and many website owners may be blissfully unaware that their data could actively be at risk. These attacks can be detected and businesses should be taking basic and blanket steps to block attempted SQL Injection, as well as the other types of attacks we frequently see.”
“One thing we can always expect is for the security threat landscape to change quickly and be very fluid. With so many moving parts, hosters and service providers need to ensure that transparency is a core element of their security strategy,” said Philbert Shih, managing director of Structure Research.
“Companies that are able to provide realtime customer data that can speak to market threats not only do right by their customers but contribute to the research community’s knowledge and understanding. Spotting a rise in SQL Injection hack attempts, for instance, is not something to overlook and should be seen as a warning to all who monitor this space,” Shih added.
“Some of the data theft incidents that are reported in the media are precisely targeted, but a more substantial risk to most comes from an abundance of automated, malicious bots that attack websites in a more random fashion,” said Todd Gleason, Director of Technology at FireHost. “Businesses should take readily available and basic steps to block any kind of unwanted traffic from accessing their sites. Mitigating Denial of Service attacks and ensuring web applications are secure can go a long way toward fighting off these random attacks.”