DDoS Attacks May Have the Headlines, but Don’t Ignore SQL Attacks

Sue Marquette Poremba

Distributed Denial of Service (DDoS) attacks have been at the forefront of security conversations lately, largely due to the number of hits against the banking industry. In his blog at CircleID, Rodney Joffe pointed out a number of reasons why DDoS attacks are becoming more dangerous, including this observation:

DDoS attacks have entered a dangerous new phase. A combination of size and intelligence marked these attacks. While they peaked at between 60 and 150 Gbps (most DDoS attacks are smaller than 1 Gbps), the assaults on banks involved only 2,000 — 3,000 computers, not the tens or hundreds of thousands we've seen in botnets before. The difference: most of the compromised systems were powerful business machines, rather than traditional home computers, with access to significantly more bandwidth to help flood connections. First, the attackers hit web resources with large numbers of HTTP (web) traffic and then moved on to DNS servers, which tend to be more vulnerable. The result was a curious hybrid: a highly strategic, brute-force attack that left its victims reeling. Clearly, the attackers were well acquainted with how the Internet works.

Joffe also pointed out that traditional methods for fighting DDoS attacks aren’t working anymore, so we need to find new methods. I’d like to add that, while we are trying to protect against DDoS, we also need to take a closer look at how we are protecting our systems from SQL attacks. Why pay more attention to SQL attacks? Because, according to a new report from Imperva, that’s what the hackers are talking about.

In its Hacker Intelligence Initiative report, the Imperva research team looked at one of the best-known and one of the largest hacker forums, as well as smaller hacker forums, to see what they were talking about. According to the report, they discovered:

SQL injection is now tied with DDoS as the most discussed topic. Both topics got 19% of discussion volume. Last year, SQL injection was second with 19%, and DDoS came in first place with 22%. Ironically, of the $25 billion spent on software security, and we believe this means less than 5 percent of security budgets is allocated to products that cannot even recognize SQL injection attacks – let alone stop them. We believe this imbalance encourages hackers to continue to learn and deploy this attack method.

In fact, companies like Symantec and ImageShack are some of the most recent (and visible) victims of a SQL injection — and the attack was not the work of Anonymous but another hacking group called Hack the Planet. (PayPal was also rumored to have been hit, but the company has said it was not.)

And yet, Imperva found, only 5 percent of the average enterprise security budget is going to protect against SQL injection attacks.

One of the most difficult tricks to data security is staying one step ahead of the bad guys. Now that we know that nearly 40 percent of discussion among hackers involves DDoS attacks and SQL injections, isn’t it time to be looking at how enterprise security is approaching those methods?




Nov 12, 2012 4:18 AM Datenrettung Berlin says:
I'm starting to think that the internet I used to know is fading away. It's getting more dangerous day after day. At first, DDoS seemed just to be a small threat for users' websites, then it grew into something more dangerous and made people create some methods to defend against it. Now that "old methods" don't work anymore and while people are trying to figure out some new methods, SQL attacks have appeared. It looks like the more we "fight" against it, the more dangerous they will become. Thank you very much for your helpful news.
