by Penny P
Anyone can be a victim of a hack attack. Apple became victim to an attack by the hacker group known as Anonymous. The attack did not affect customer data, but instead targeted the server that Apple uses to process the data of their technical support follow ups. Results of the attack “revealed 27 internal Apple user names and passwords” (Murphy). Anonymous had posted this information to Pastebin, which is a website where users can store text. The method of the attack on Apple was not announced, but it was suspected that it was due to an SQL injection attack. The Department of Homeland Security had listed this type of attack as the “Web’s most dangerous security vulnerability” (Murphy). Another hacker group, Lulzsec, performed similar SQL injections to companies such as Sony Pictures and PBS. There have been rumors that former members of Lulzsec had joined the Anonymous group.
This article shows another example of how SQL injections can be used for malicious intentions. The idea of SQL injections being so serious that it was listed on the Homeland Security’s report is pretty crazy. It’s just amazing to see how a useful tool for database could be turned and used against people. This goes to show that people have to be extra cautious in their designs. Especially for those who designed it without the idea that SQL injections could be of harm to their database. I learned from previous articles that SQL injections were not at all common in the beginning. But since they have begun to surface more and more, people really need to step up their security to protect their data.
Murphy, D. (2011, July 4). PC Mag. Retrieved from http://www.pcmag.com/article2/0,2817,2388025,00.asp.