SQL INJECTION

Introduction to SQL injections.

Tarik Zouine

10/23/2021, 1 min read

SQL injection

An SQL injection is a form of cyberattack in which an attacker uses a piece of SQL ("Structured Query Language") code to manipulate a database and access potentially important information.

It is one of the most prevalent and threatening types of attack because it can potentially be used to harm any web application or website that uses an SQL database.

The major attacks on Sony Pictures and Microsoft are just a few striking examples.

How does SQL injection work?

In standard software processes, an SQL query is essentially a request sent to a database (a computerized information repository) for some type of activity or function, such as retrieving data or executing SQL code.

This is the case, for example, when login information is sent via a web form to allow a user to access a site.

Usually, this type of web form is designed to accept only very specific types of data, such as a username and/or password. When this information is submitted, it is checked against a database and, if it matches, the user is allowed in. Otherwise, access is denied.

Potential problems arise because most web forms have no way to stop a user from entering additional information in the form fields. Hackers can exploit this flaw and use the form's input boxes to send their own queries to the database. This could potentially allow them to perform several types of malicious activity, ranging from theft of sensitive data to manipulating database information for their own purposes.
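The login check described above, as an added example (this is not code from the original post): a vulnerable version that pastes the form fields into the SQL text, beside a hardened version that uses parameterized queries, the standard fix which the post does not name. The users table, user names and passwords are constructed for the demonstration, and the code uses Python's built-in sqlite3 module so it runs offline.

```python
import sqlite3

# Constructed sample data standing in for the site's login database.
# Passwords are stored in plaintext only to keep the example minimal;
# a real system stores password hashes.
SAMPLE_USERS = [("alice", "correct horse"), ("o'brien", "battery staple")]


def make_db() -> sqlite3.Connection:
    """Create an in-memory database seeded with the constructed sample users."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", SAMPLE_USERS)
    return conn


def login_concatenated(conn: sqlite3.Connection, username: str, password: str) -> bool:
    """Vulnerable pattern: the form fields become part of the SQL text.

    Whatever the user typed is parsed as SQL syntax, so a quote character in
    the input changes what the query means instead of being compared as data.
    """
    sql = (
        "SELECT COUNT(*) FROM users WHERE username = '"
        + username + "' AND password = '" + password + "'"
    )
    try:
        (count,) = conn.execute(sql).fetchone()
    except sqlite3.Error:
        # A stray quote in perfectly legitimate input already breaks this version.
        return False
    return count > 0


def login_parameterized(conn: sqlite3.Connection, username: str, password: str) -> bool:
    """Hardened pattern: the SQL text is fixed; the values travel as parameters.

    The driver binds the values separately from the statement, so the input is
    only ever compared as data and can never alter the shape of the query.
    """
    sql = "SELECT COUNT(*) FROM users WHERE username = ? AND password = ?"
    (count,) = conn.execute(sql, (username, password)).fetchone()
    return count > 0


def compare(username: str, password: str) -> tuple:
    """Run the same form input through both versions.

    Returns (result of the concatenated version, result of the parameterized version).
    """
    conn = make_db()
    return (
        login_concatenated(conn, username, password),
        login_parameterized(conn, username, password),
    )


if __name__ == "__main__":
    # Correct credentials: both versions agree.
    print(compare("alice", "correct horse"))
    # Wrong password: both versions reject.
    print(compare("alice", "wrong"))
    # A legitimate apostrophe in a username: only the parameterized version still works.
    print(compare("o'brien", "battery staple"))
    # Constructed input that closes the quoted string and appends its own condition:
    # the concatenated query is rewritten and accepts, the parameterized query rejects.
    print(compare("alice", "' OR '1'='1"))
```

The third case is worth noting for defenders: string concatenation does not only open the door to tampering, it also fails on ordinary data containing a quote, so the parameterized form is both the safer and the more correct one. The AND/OR precedence in the last case is what turns the attacker's appended condition into a tautology for every row, which is why the concatenated query counts the whole table.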

A growing problem

Because so many websites and servers rely on databases, SQL injection is one of the oldest and most common types of cyberattack.

Several developments within the hacker community have increased the risk of this type of attack, including the emergence of automated SQL injection programs.

Available free from open-source developers, automated SQL injection programs allow cybercriminals to launch attacks automatically in just a few minutes. They can thus reach every table or column of the database in a single attack process, with a single click.

Prevention

There are several ways to prevent these types of attack, including the use of a web application firewall, such as the firewalls available in several Kaspersky Lab security solutions. Another preventive measure is to create multiple user accounts for the database so that only specific and trusted individuals can access it.