Hackers Breaching SQL Computer Systems: Threat to Our National Security{2}


by Irving A
In 2002 a pair of individuals penetrated U.S. government computer systems claiming they were doing it to call attention to the weakness of our national security. However, some analysts argue that they were only seeking publicity. The hackers, Deceptive Duo, broke into both government and private-sector computer systems. The systems they hacked include the Office of Secretary of Defense, the Space and Naval Warfare Systems Command, the Defense Logistics Agency, Sandia National Laboratories, the NASA Jet Propulsion Laboratory, Midwest Express Airlines and numerous banks. The hackers were exposed to personal details of employees by accessing data and Web servers. The hackers breached the system in two ways. One involved using Microsoft SQL servers, which they had a default password to log in. They noted some employees didn’t change the default password in their databases. They also hacked through NetBIOS brute force attack in which they repeatedly tried to guess passwords. Once they gained access, they took snapshots and uploaded them onto a website. Although many administrators were angered that sensitive information was revealed, they were now aware that default passwords should’ve been changed and they were now forced to make their databases more secure.

The spread of websites today is largely due to their content handles by databases. Database management is simplified by the SQL programming language. SQL, or structured query language, is a programming language designed to manage data in relational database management systems. The system relies on relational algebra and relational calculus. Its scope includes data insert, query, update and delete, schema creation and modification and also data access control. SQL is responsible for querying and editing information stored in a certain database management system. This system also makes me a lot easier for hackers to breach passwords as in the case of the Deceptive Duo in 2002. All SQL languages come with default administrators forget to change these passwords resulting in major sensitive data exposure.

Although hacking is viewed as something bad and even illegal, it is sometimes the wakeup call for many government sectors to improve database security. Default passwords should be changed prior to imputing sensitive data, not only in government, but also private-sector computer systems. Unfortunately, during the 2002 hacking incident, sensitive data was shared in websites which puts many at risk. However, the hackers do have a very strong point: administrators should have taken security measures on their computer systems and databases from the very beginning. They shouldn’t take any risks when it comes to sensitive government information. Although it has been almost ten years since that incident, hackers are only getting sneakier and more experienced leaving many worried about our national security.

Citation:

Rosencrance, Linda. “CNN.com – Duo hacks for the sake of national security? – May 6, 2002.” CNN.com – Breaking News, U.S., World, Weather, Entertainment & Video News. N.p., n.d. Web. 21 Nov. 2011. <http://archives.cnn.com/2002/TECH/internet/05/06/national.security.hackers.idg/index.html>.