Database Monitoring Critical to Fighting SQL Injection, Few Do it: Survey

SQL injection attacks are far from new, and the consequences of being vulnerable to them are hardly unknown.

However, a Ponemon Institute survey of 595 IT security experts indicates that many organizations may not be doing enough to address them. Only 33 percent said their organizations scan their active databases either continuously or daily, while 47 percent said they do so irregularly or not at all. Despite those numbers, 65 percent of respondents cited continuous monitoring of databases as the best way to avoid a database breach.

“While details of the recent retailers breach haven’t yet been fully disclosed by the retailers who were breached or the U.S. Secret Service in charge of breach investigations, this study offers some interesting industry insight into these events from IT security professionals and experts familiar with PCI DSS,” said Dr. Larry Ponemon, founder and chairman of the Ponemon Institute, in a statement.

For the most part, the respondents felt that criminal cyber-syndicates are to blame for the large retail breaches, whereas just 16 percent believe a lone wolf perpetrated the attack. Twenty-three percent blamed hacktivists, while 11 percent pointed the finger at nation states.

“A contentious topic among retail customers is the time required for the notification of a breach of payment card data and/or personal information,” according to the report. “IT security professionals understand what’s a reasonable time frame given their understanding of the process required to identify the scope of a particular data breach and precisely whose information has actually been breached.”

“Thirty-six percent of respondents believe there should be no specific timeframe and notification should occur only after a thorough investigation has concluded,” the report states. “However, 53 percent say response time should be faster… 34 percent say notification should take place in less than a month, 17 percent say it should be less than a week and 2 percent say less than three days.”

According to the report, 65 percent of the respondents said they were hit with a SQL injection attack that successfully evaded their perimeter defenses in the last 12 months. 

“It’s well known that database breaches, including these high-profile attacks against the retailers, are devastating to merchants in terms of lost sales and damage to their reputation,” Brett Helm, chairman and CEO of DB Networks, which sponsored the survey, said in a statement. “This study sheds additional light on the likely attack chain so that all retailers can now be more prepared in the future.”
