3 cc’s of SQL Injections Can Kill You

by James C
Summary:

According to Joseph Menn, the threat of weaknesses in cybersecurity has become a threat that is constantly growing. Despite growing concerns, large companies are still not allocating enough funding to meet the demands that are being experienced. Despite talks of battling cybercrime companies have expressed an underlying sediment of hopelessness in fighting what has been conceived as an uphill battle. The attacks that are being performed are not from seasoned attackers but rather younger criminals that use scanning tools to probe and exploit the vulnerabilities of a company’s system. The second most used technique used by these attackers, and one that cost Sony $170 million, was a SQL injection attack. This type of attack is preventable at a minimal cost, and requires as little skill to perform as a denial-of-service-attacks.

Reflections:

I agree that many companies have both no clue to which direction to go in protecting their systems, and also don’t have the proper personnel to implement a proper plan. The ignorance of many companies lies mainly in the business world. As business’ concentrate mainly on making profits they don’t respect the importance of protecting it.

In part, many of these companies are not to blame completely. The advances of technology, both hardware and software, has made it almost impossible to completely rely on in-house IT security. I have personally seen the constantly evolving field of IT change from simple ring networking to VPN to now cloud computing. The vulnerabilities of each technology still exist because many companies reluctantly choose to evolve with the times.

Citations:

Menn, J. (2011, Nov 01). A war marked by fatalism and denial. Financial Times, pp. 1.

Retrieved from http://search.proquest.com/docview/901259011?accountid=10357