Fraser Howard talks to Carole Theriault about how SQL web attacks
are flooding the web.
IT security and control firm Sophos today announced the
availability of a new podcast discussing how SQL injection attacks,
where malicious and automated code attacks poorly configured
websites running databases, are a significant contributor to the
continued rise in web threats.
SophosLabs now sees a newly infected webpage every five seconds,
up from one every fifteen seconds in 2007.
In the podcast, Fraser Howard, principal malware researcher at
SophosLabs, is interviewed by Carole Theriault about how innocent
websites are being compromised in order to infect larger numbers of
surfers. Howard also offers free advice for administrators and web
surfers on how to avoid becoming victimised by these automated
attacks.
SQL injection attacks are designed to exploit security
vulnerabilities and insert malicious code - in this case script
tags - into a website running a database. The attack takes
advantage of user input, for instance from a web form, that is not
correctly filtered or checked, allowing that input to execute as
code and peppering the database with malicious instructions.
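The following is an added example, not code from the podcast or from Sophos, showing the flaw described above beside its fix: a query that pastes the form value into the SQL text, next to one that binds it as a parameter. It uses Python's built-in sqlite3 module and a constructed `comments` table; the probe string containing a quote character is the kind of unchecked input the paragraph refers to.

```python
import sqlite3


def make_db():
    """Build an in-memory database with one constructed sample row."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE comments (id INTEGER PRIMARY KEY, author TEXT, body TEXT)")
    conn.execute("INSERT INTO comments (author, body) VALUES ('alice', 'first post')")
    conn.commit()
    return conn


def find_comments_vulnerable(conn, author):
    """Vulnerable: the form value is spliced into the SQL text, so a quote
    character in the input ends the string literal and the rest of the
    input is parsed as SQL (the unchecked-input flaw the text describes)."""
    sql = "SELECT body FROM comments WHERE author = '" + author + "'"
    return [row[0] for row in conn.execute(sql)]


def find_comments_safe(conn, author):
    """Hardened: a bound parameter. The driver sends the value separately
    from the statement, so whatever the user typed is compared as data and
    cannot change the shape of the query."""
    rows = conn.execute("SELECT body FROM comments WHERE author = ?", (author,))
    return [row[0] for row in rows]


def add_comment(conn, author, body):
    """Writes go through bound parameters too; apostrophes and angle
    brackets are stored as literal text rather than interpreted."""
    conn.execute("INSERT INTO comments (author, body) VALUES (?, ?)", (author, body))
    conn.commit()


def concatenation_breaks_on(conn, author):
    """True if the vulnerable query fails to parse for this input: a sign
    that the input is being read as SQL rather than as a value."""
    try:
        find_comments_vulnerable(conn, author)
    except sqlite3.OperationalError:
        return True
    return False


if __name__ == "__main__":
    db = make_db()
    probe = "nobody' OR '1'='1"  # constructed input containing a quote
    print("concatenated query returns:", find_comments_vulnerable(db, probe))
    print("parameterised query returns:", find_comments_safe(db, probe))
```

The concatenated version also fails on legitimate names such as O'Brien, so the bound-parameter form is both the security fix and the correctness fix.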
Once organizations realize they have been hit, they clean up
their databases but don't fix the underlying problem that got them
attacked in the first place, which results in the site getting
infected again, often in a number of hours.
"This is the biggest online threat today, and firewalls cannot
offer help because they are configured to allow web traffic. Most
online shopping sites, where the web surfer needs to enter data,
have databases, so, if improperly coded as many seem to be, the
risks are daunting," said Carole Theriault, host of
the Sophos podcasts. "Basically, this is a case where ignorance
isn't bliss. With so many administrators potentially unaware that
their databases are poorly coded and threatening to compromise
their visitors, I quizzed Fraser on what web administrators can do
to mitigate the threat and how web surfers can try to avoid
becoming infected."
All Sophos podcasts are available for download at www.sophos.com/podcasts. Past podcasts have covered
topics such as corporate security policies, rootkits, protecting
educational establishments, and the latest trends in viruses and
spam.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.