Hacking Using SQL injection

by Stefan S
Based on this recent article, it’s found that SQL injection is still commonly used as one of the top methods in attacking database. Over the last weekend, the SANS Internet Storm Center found about 1 million URLs worldwide infected by ‘lilupophilupop’ malware. The most infections occurred in The Netherlands domain. Public report regarding this attack is expected to continually increase.

In this era there are many website using database driven. As the technology advances there is an increase in the number of people trying to use technology in a negative way. In the recent years the practice of hacking has become more common as the technology advances. The particular method they use nowadays is the SQL injection. SQL injection is a method to attack the security of a website by inputting SQL statements in a web form. The SQL commands injected the web form into the database and enable the hacker to change the database content or to capture database information.

This article relates to our class on giving us an idea of how one database attack can lead to serious damage to many others. For example, the wrong us of database such as obtaining credit card information illegally can lead to an identity theft.

Security is very important when dealing with database. Precaution should always be taken to avoid damage or further destruction of the system.

Reference:
Higgins, K. (2012, 1 5). Sql injection hack infects 1 million web pages. Retrieved from http://0-search.proquest.com.opac.library.csupomona.edu/docview/914283896/13424E708405A0A330E/19?accountid=10357

1 thought on “Hacking Using SQL injection”

  1. I never knew what SQL injection was. After reading this I am actually very interested on how it works internally. I do agree that as there becomes more technology throughout business the risk of hacking increases. Also I would like to know what kind of steps are needed so websites and databases can not be hacked or the steps used to prevent such attacks.

Comments are closed.