by Palek S
Database Security (IT’s biggest problem)
The author of this article, David Litchfield, a security guru and managing director of the UK company NGS, discusses database security as IT’s biggest problem, referencing the Black Hat conference where he exposed over 20 vulnerabilities in IBM’s Informix database products. In this presentation I will discuss the two most prevalent areas of weakness in databases and the new technology introduced by Secerno to supplement data security offerings and protect against hackers and data breaches.
In this day and age, database security is extremely important because big corporations and businesses hold sensitive customer information. Client information, payment information, personal files and bank account details can be very difficult to replace and potentially dangerous if they fall into the wrong hands. Losing data to a disaster such as a flood or fire is crushing, but losing it to hackers or a malware infection can have much greater consequences. Recovering from an information breach can take years and the costs are huge, so prevention is the key.
The two most prevalent areas of weakness in databases are SQL injection and buffer overflows, as highlighted in the “SANS Top 20 Internet Security Vulnerabilities”. SQL injection is a serious and growing problem, and a worrying example of attackers using invasive techniques that cannot be easily patched. In this tactic, an attacker takes advantage of incorrectly filtered input that is built into SQL queries to pull any information he wants from a database. Without the victim knowing it, an attacker can write a single line of code that piggybacks on a legitimate query and returns immense amounts of data to the hacker making the request. The CardSystems security breach is a prime example of a SQL injection attack, where hackers stole 263,000 customer credit card numbers and exposed 40 million more. Upscale department store Neiman Marcus confirmed that its database of customer information was hacked last month, around the same time as the attack on Target. The size of the breach at Neiman Marcus has not been determined, but like the attack on Target, it appears to be limited to the data of shoppers at its retail locations.
Buffer overflows are another key database problem and result when a buffer is assigned more data than it can hold. The buffer overflows into the next available memory space, overwriting the data there. Buffer overflows are a distinct kind of flaw enabled by poor programming in certain languages that allow the use of fixed memory buffers for storing data and do not include automatic bounds checking. A buffer exists only within a specific, predetermined location in the computer’s memory, much like a country exists only within the boundary lines drawn on a map. Stepping outside these virtual lines causes problems not only for the running program, but for other programs on the system.
Companies that lose data or are hacked can face fines from regulators and loss of confidence from their customers. Rising demand for data protection products has caught the interest of Oracle, which is expected to expand its portfolio of security solutions by acquiring Secerno, which sells a family of database activity monitoring tools. The new technology introduced by Oxford-based Secerno uses machine learning algorithms to let users build up a rich understanding of application-to-database behavior and to insist that database interactions conform only to allowable behaviors. It represents the world’s first database application assurance platform. Its solutions include a series of hardware and software products called DataWall, which control how information in databases is accessed. DataWall monitors a database and blocks unauthorized access. It tracks database traffic by building up a picture of normal traffic on a network, which allows it to spot any deviation from normal behavior and block it or send out an alert. According to the article, one of the primary success factors of DataWall is its Synoptiq engine, which fingerprints the intent of all database requests and clearly shows exactly how an organization’s data is accessed or changed. Database security can be challenging, as it must be considered at many levels and must anticipate many potential problems. I enjoyed this article as it provides tools and a solid approach for staying a step ahead, putting the company back on the front foot with proactive security rather than too-late reactivity.
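The idea of learning normal database traffic and flagging deviations can be sketched as a fingerprint allowlist. This is an added example, not Secerno's code or algorithm: the literal-stripping fingerprint rule, the `QueryBaseline` class and all sample statements are assumptions constructed for illustration.

```python
import re


def fingerprint(sql):
    """Reduce a statement to its shape: literals become '?', spacing and case are normalized."""
    shape = re.sub(r"'(?:[^']|'')*'", "?", sql)        # quoted string literals
    shape = re.sub(r"\b\d+(?:\.\d+)?\b", "?", shape)   # numeric literals
    return re.sub(r"\s+", " ", shape).strip().lower()


class QueryBaseline:
    """Hypothetical monitor: remembers the statement shapes seen during training."""

    def __init__(self):
        self.known = set()

    def learn(self, statements):
        for statement in statements:
            self.known.add(fingerprint(statement))

    def check(self, sql):
        # A shape never seen in normal traffic is a deviation worth an alert.
        return "allow" if fingerprint(sql) in self.known else "alert"


# Constructed sample of normal application traffic.
TRAINING = [
    "SELECT name, card FROM customers WHERE name = 'alice'",
    "SELECT name, card FROM customers WHERE name = 'bob'",
    "UPDATE customers SET card = '4111-0000-0000-0009' WHERE id = 7",
]


def build_baseline():
    baseline = QueryBaseline()
    baseline.learn(TRAINING)
    return baseline


if __name__ == "__main__":
    baseline = build_baseline()
    for sql in (
        "SELECT name, card FROM customers WHERE name = 'dave'",
        "SELECT name, card FROM customers WHERE name = 'x' OR '1'='1'",
    ):
        print(baseline.check(sql), "<-", fingerprint(sql))
```

A lookup for a new customer has the same shape as the training traffic and is allowed, while a statement whose structure was altered by injected input produces a shape the baseline has never seen.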
Charlot, R. (n.d.). Providing an Infrastructure For A Cross-Database Management Too. IEEEXplore. Retrieved November 25, 2012, from 0-ieeexplore.ieee.org.opac.library.csupomona.edu/stamp/stamp.jsp?tp=&arnumber=100038
Ng, Wilfred and Levene, Mark (2013, November 5). Database Security is ITs Biggest Problem. Retrieved from http://www.itsecurity.com/news/ngs-database-security-070806/
Fan, J. (n.d.). Interactive SQL Query Suggestion: Making Databases User-Friendly. IEEEXplore. Retrieved December 3, 2012, from 0-ieeexplore.ieee.org.opac.library.csupomona.edu/stamp/stamp.jsp?tp=&arnumber=5767843
Jeremy, K. (2012, November 23). Symantec warns of malware targeting sql databases. Retrieved from http://www.pcworld.com/article/2016288/symantec-warns-of-malware-targeting-sql-databases.html
DiDio, L. (2010, September 19). ITIC » Posts » SQL Server Most Secure Database; Oracle Least Secure Database Since 2002. ITIC. Retrieved November 11, 2011, from http://itic-corp.com/blog/2010/09/sql-server-most-secure-database-oracle-least-secure-database-since-2002/
Musil, S. (2012, October 3). Hackers post data from dozens of breached college servers. Retrieved November 11, 2012, from http://news.cnet.com/8301-1009_3-57525684-83/hackers-post-data-from-dozens-of-breached-college-servers/