Database Security, Secerno Solutions

by Palek S

Database Security (IT’s biggest problem)

The author of this article, David Litchfield, a security guru and managing director of UK company NGS, discusses database security and IT’s biggest problem by referencing the Black Hat conference where he exposed over 20 vulnerabilities in IBM’s Informix database products. In this presentation I will discuss the top two most prevalent areas of weakness in databases and new technology introduced as Secerno to supplement data security offerings and protect against hackers and data breaches.

In this day and age, database security is extremely important, as big corporations and businesses hold sensitive customer information. Client information, payment information, personal files and bank account details can be very difficult to replace and potentially dangerous if they fall into the wrong hands. Data lost to a disaster such as a flood or fire is crushing, but losing it to hackers or a malware infection can have much greater consequences. Recovering from information breaches can take years and the costs are huge, which is why prevention is the key.

The two most prevalent areas of weakness in databases are SQL injection and buffer overflows, as highlighted in the “SANS Top 20 Internet Security Vulnerabilities”. SQL injection is a serious and growing problem, and a worrying example of attackers using invasive procedures that cannot be easily patched. In this tactic, an attacker takes advantage of incorrectly filtered SQL queries and other input to pull any information he wants from a database. Without the victim knowing it, an attacker can simply write a line of code and let it sponge off another, returning immense amounts of data to the hacker making the request. The CardSystems security breach is a prime example of a SQL injection attack, in which hackers stole 263,000 customer credit card numbers and exposed 40 million more. Upscale department store Neiman Marcus confirmed that its database of customer information was hacked last month, around the same time as the attack on Target. The size of the breach at Neiman Marcus has not been determined, but like the attack on Target, it appears to be limited to the data of shoppers at its retail locations.

Buffer overflows are another key database problem. One results when a buffer is assigned more data than it can hold: the excess overflows into the next available memory space, overwriting the data there. Buffer overflows are a unique kind of occurrence, enabled by poor programming in certain languages that allow the use of fixed memory buffers for storing data and do not include automatic bounds checking. A buffer exists only within a specific, predetermined location in the computer’s memory, much like a country only exists within the boundary lines drawn on a map. Stepping outside these virtual lines causes problems not only for the running program, but for other programs on the system.

Companies that lose data or are hacked can face fines from regulators and loss of confidence from their customers. Rising demand for data protection products has caught the interest of Oracle, which is expected to expand its portfolio of security solutions by acquiring Secerno, which sells a family of database activity monitoring tools. Unique new technology being introduced by Oxford-based Secerno uses machine learning algorithms to let users build up a rich understanding of application-to-database behavior and to insist that database interactions conform only to allowable behaviors. It represents the world’s first database application assurance platform. Solutions include a series of hardware and software products called DataWall, which control how information in databases is accessed. DataWall monitors a database and blocks unauthorized access. Tracking database traffic works by building up a picture of normal traffic on any network. This allows it to spot any deviation from normal behavior and block it or send out an alert. According to the article, one of the primary success factors of DataWall is its Synoptiq engine, which fingerprints the intent of all database requests and clearly shows exactly how an organization’s data is accessed or changed. Database security can be challenging as security must be considered at many levels and must anticipate many potential problems. I enjoyed this article as it provides you with tools and a solid approach to be a step ahead and puts the company back on the front foot, with proactive security rather than just too-late reactivity.
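The idea of learning normal database traffic and flagging deviations can be sketched as follows. This is an added example, not Secerno's or Oracle's code: it swaps the machine learning described above for a plain allowlist of normalized statement shapes, and `fingerprint`, `ShapeMonitor` and all sample statements are hypothetical and constructed for illustration.

```python
import re

def fingerprint(sql):
    """Reduce a statement to its shape: literals become '?', case and spacing are normalized."""
    s = re.sub(r"'(?:[^']|'')*'", "?", sql)      # quoted string literals
    s = re.sub(r"\b\d+(?:\.\d+)?\b", "?", s)     # numeric literals
    return re.sub(r"\s+", " ", s).strip().lower()

class ShapeMonitor:
    """Learns statement shapes from baseline traffic, then flags anything unseen."""

    def __init__(self):
        self.allowed = set()

    def learn(self, statements):
        for sql in statements:
            self.allowed.add(fingerprint(sql))

    def check(self, sql):
        """Return 'allow' for a known shape, 'block' for a deviation."""
        return "allow" if fingerprint(sql) in self.allowed else "block"

# Constructed baseline: what the application normally sends.
BASELINE = [
    "SELECT name, card FROM customers WHERE name = 'alice'",
    "SELECT name, card FROM customers WHERE name = 'bob'",
    "UPDATE customers SET card = '4111-0000-0000-0009' WHERE id = 7",
]

# Constructed live traffic: two normal requests, one with an altered
# WHERE clause, and one bulk read the application never issues.
LIVE = [
    "select name, card from customers where name = 'carol'",
    "UPDATE customers SET card = '4111-0000-0000-0010' WHERE id = 12",
    "SELECT name, card FROM customers WHERE name = 'nobody' OR '1'='1'",
    "SELECT * FROM customers",
]

def run():
    monitor = ShapeMonitor()
    monitor.learn(BASELINE)
    return [monitor.check(sql) for sql in LIVE]

if __name__ == "__main__":
    for sql, verdict in zip(LIVE, run()):
        print(f"{verdict:5}  {sql}")
```

New customer names and card values pass because only the literals differ from the baseline, while a statement whose structure changes is flagged no matter what values it carries.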

 

Charlot, R. (n.d.). Providing an Infrastructure For A Cross-Database Management Too. IEEEXplore. Retrieved November 25, 2012, from 0-ieeexplore.ieee.org.opac.library.csupomona.edu/stamp/stamp.jsp?tp=&arnumber=100038

Ng, Wilfred and Levene, Mark (2013, November 5). Database Security is ITs Biggest Problem. Retrieved from http://www.itsecurity.com/news/ngs-database-security-070806/

Fan, J. (n.d.). Interactive SQL Query Suggestion: Making Databases User-Friendly. IEEEXplore. Retrieved December 3, 2012, from 0-ieeexplore.ieee.org.opac.library.csupomona.edu/stamp/stamp.jsp?tp=&arnumber=5767843

Jeremy, K. (2012, November 23). Symantec warns of malware targeting sql databases. Retrieved from http://www.pcworld.com/article/2016288/symantec-warns-of-malware-targeting-sql-databases.html

DiDio, L. (2010, September 19). SQL Server Most Secure Database; Oracle Least Secure Database Since 2002. ITIC. Retrieved November 11, 2011, from http://itic-corp.com/blog/2010/09/sql-server-most-secure-database-oracle-least-secure-database-since-2002/

Musil, S. (2012, October 3). Hackers post data from dozens of breached college servers. Retrieved November 11, 2012, from http://news.cnet.com/8301-1009_3-57525684-83/hackers-post-data-from-dozens-of-breached-college-servers/

6 thoughts on “Database Security, Secerno Solutions”

  • January 21, 2014 at 11:08 pm

    I find the Buffer overflow very interesting because it could cause security issues by a hacker who forces irrelevant information into the database which in turn erases meaningful data. I also took this as an internal security issue because if employees get careless they may accidentally override some data. Good post.

  • January 27, 2014 at 11:08 am

    After reading your blog, I did further investigating to gain more knowledge about SQL injections and found many interesting things. To further explain how SQLI works, the user that is doing the SQLI inputs a SQL statement in a field that manipulates and does way more than the author of the code intended. Once an ill-intended SQL statement is entered into a field, it can retrieve much private information that is in no way intended for the public to see (as explained by your credit card example). To wrap up, your blog really helped expose me and helped me gain interest to further my knowledge of database security, and I thought your presentation was great!

  • January 27, 2014 at 7:06 pm

    Great job presenting last period, and I really loved the topic as it was quite relevant to our majors. I definitely agree that it doesn’t take too much effort for a hacker to take advantage of a poorly written query and let it quietly send information back to the hacker so that they may do as they please with the information. Hopefully in the future of technology they have more checks and balance systems to make sure that these programming errors are reduced for the sake of the companies and their consumers.

  • March 18, 2014 at 5:13 pm

    I found the presentation interesting as Information Assurance is my emphasis. I recently went to an ISACA LA meeting where the presentation given was on SQL Injections. It was good to see a presentation about a topic I was familiar with.

  • March 18, 2014 at 5:33 pm

    For me it sounds like SQL injections are easier to execute for hackers and buffer overflows require understanding of the host’s memory sector setup, so they can decide how much to overflow.
    Is it possible for the system to break before the hacker can retrieve the data due to too much overflow?
    Good post.

  • March 20, 2014 at 6:05 pm

    Database security can always be an issue when we are using a database. In Korea, a database was stolen a few months ago. The data in the database was fifty million people’s card information. It makes a big problem. During internet shopping I always try to buy something on a huge website because of security, but sometimes I could not. Databases are very important to people who live now. However, security issues are also important too.
