SQL Injection

What is SQL Injection? SQL (Structured Query Language) Injection is an attack in which malicious input is embedded in a database query built by a poorly-structured application. The malicious data then produces database query results or actions that should never be executed. This is an extremely common vulnerability in unsecured websites. Once an attacker has completed the injection, they are able to extract any and all data in the database, which could include consumer information such as addresses, credit card numbers, and even social security numbers. As you can see, that information should be securely stored at all times.
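As an added illustration (this is not code from the original post), the following Python script using the standard sqlite3 module shows the flaw described above next to its standard remediation, a parameterised query. The users table, the two sample accounts and the test input are constructed for this example; the point is that the vulnerable login returns every row when the password field is used to rewrite the query, while the parameterised login treats the same input as an ordinary (wrong) password and returns nothing.

```python
import sqlite3


def make_db():
    # Constructed sample data: a tiny users table in an in-memory database.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT, ssn TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [
            ("alice", "hunter2", "123-45-6789"),
            ("bob", "letmein", "987-65-4321"),
        ],
    )
    return conn


def login_vulnerable(conn, username, password):
    # BAD: user input is concatenated straight into the SQL text, so the
    # input can change the structure of the WHERE clause, not just its values.
    query = (
        "SELECT username, ssn FROM users WHERE username = '"
        + username
        + "' AND password = '"
        + password
        + "'"
    )
    return conn.execute(query).fetchall()


def login_safe(conn, username, password):
    # GOOD: parameterised query. The driver sends the values separately from
    # the statement, so whatever the user types is only ever treated as data.
    query = "SELECT username, ssn FROM users WHERE username = ? AND password = ?"
    return conn.execute(query, (username, password)).fetchall()


if __name__ == "__main__":
    conn = make_db()
    # A legitimate login succeeds with either function.
    print(login_vulnerable(conn, "alice", "hunter2"))
    print(login_safe(conn, "alice", "hunter2"))
    # The classic textbook input: a quote that closes the string and an
    # always-true condition. Only the concatenated query is affected by it.
    payload = "' OR '1'='1"
    print(login_vulnerable(conn, "anyone", payload))  # both rows leak
    print(login_safe(conn, "anyone", payload))  # [] (treated as a literal password)
```

The vulnerable version only needs the untrusted value to contain a quote character to go wrong; the parameterised version needs no escaping logic at all, which is why parameterised queries (prepared statements) are the fix to reach for rather than input filtering.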


SQLi, or SQL Injection, is one of the most common attacks known and performed by hackers each year. Even in 2017, after all of the latest breaches and leaks, you would think that companies would secure the sensitive information whose exposure can put their business at risk. In most cases the major companies like Google, Amazon, and Apple have defenses in place against this vulnerability; however, many smaller companies still have not fixed this issue. Why is this vulnerability so common, you may ask? Because it takes almost no effort for someone to perform this attack. There are dozens of free applications that perform the whole attack process against a vulnerable website with little to no computer science knowledge required (e.g. Havij). However, each program is different, and the strength and complexity of the attack can be manipulated differently, from, let’s say, Kali Linux to Havij. Kali Linux is strictly a command-line-based attack with no graphical user interface; Havij is an automated program with a graphical user interface, where all you have to do is put in the vulnerable website’s address and it does the rest for you. It finds all the details for you, such as the integer type and database keywords. It also has an MD5 hash password cracker: once you get into the database and find that the information is encrypted, the program can crack it and reveal the original data. This is exactly why it is so easy for someone with little computer knowledge and skill to gain access to sensitive data. These programs are all over the internet and can be found with a little digging.


How can you protect your small business from an SQL Injection attack? You can do this in various ways, such as hiring a pen tester (someone you pay to literally hack your website and tell you exactly how to fix its vulnerabilities) or following the standards published by NIST (the National Institute of Standards & Technology). NIST standards are very reputable and highly respected in the cybersecurity and information security industries. There are always alternatives depending on your budget, but I highly recommend staying up to date with all security standards, because in the long run it will only benefit your business and its economic growth.


Disclaimer: The purpose of this blog is to ensure the continuous growth and development of cybersecurity and IT knowledge. I DO NOT condone any malicious actions or anyone with malicious intent. Anything you learn from this blog is strictly meant for educational purposes ONLY.

Equifax Data Breach

In July 2017, Equifax discovered a data breach that happened to be the largest in history. Over 145 million users’ sensitive information was lost and exposed: full names, social security numbers, birth dates, addresses, and even some driver’s license numbers. Equifax also stated that over 200,000 consumers’ credit card numbers were taken in the attack. The attack even impacted residents of the United Kingdom and Canada. Attacks like this one are so critical because they can cripple the whole business, as in this case.


Equifax CEO Richard Smith knew about the vulnerabilities but did nothing about them, and their customers are paying the price. In today’s world, events like this are so unpredictable because consumers have no idea whether their information is actually secured. The crazy part about this whole mess is that no executives will go to jail for the breach. Equifax is facing class action lawsuits and an FTC investigation; however, the worst that can happen to the executives is that they are asked to resign. Currently there is no federal law in place when it comes to consumer data.


So you may be asking, how did this happen? Large businesses and organizations use a tool called Apache Struts. Equifax used this program to support its online portal for dealing with credit reports and issues. Hackers found a flaw and used it to take control of the website, granting them access to various pieces of sensitive personal information. On August 2nd Equifax contacted Mandiant, a cybersecurity and incident response firm, which was able to determine a sequence of breaches from May 13th through July 30th, 2017. Once Equifax identified a vulnerability in their system, they should have removed the application immediately to prevent even more damage. The Equifax breach was the largest breach in history to date, and it will cause problems for consumers for years to come.

Software Updates & Patches

If we took a survey of average technology users, I believe about 45-50% of people would say they do not update their software or applications. Many people do not realize why this is so crucial. If users keep ignoring application updates, they are putting their sensitive information at serious risk.


Every company or corporation that has software available for public use has released a patch or update at some point. What is the point of updating software, you ask? These patches fix security vulnerabilities and flaws, and many of the exploits they close deal with a user’s sensitive information. For example, Microsoft’s October patch fixed 62 flaws in Word and other applications. 62 FLAWS. This is from just one month’s patch. Think about someone who has not updated their applications for 6 months: there would be numerous vulnerabilities putting them at risk. One of the main flaws was found only in Windows 10. This flaw allowed Windows 10 users to run unmodified Linux binary files. Had it not been fixed, there is no telling how severely it could have been exploited. This is just one of the many faults that could be used to an attacker’s advantage. Another critical flaw deals with Word files: if someone were to open a malicious file, it would give the attacker full control over the user’s system.


The main reason people do not update is a lack of knowledge. If everyone knew the repercussions of not updating, I am positive they would do so. All it takes is someone with malicious intent and a little computer knowledge to take advantage of innocent people. I hope people are able to see the importance of staying up to date on the products they use.

Top 3 Cybersecurity Bad Habits


You know when you were a kid and your parents told you not to do something, and it always made you want to do it more? It’s funny how that can be applied to numerous different aspects of life, such as information security and cybersecurity. In this week’s blog entry I am going to explain the top 3 cybersecurity bad habits that people take for granted every day.


Email Protection


One of the most common issues on the web is email security, whether it be phishing attacks, email hacking, or even email spoofing. Phishing is when you receive a suspicious email containing a malicious link. This can usually be prevented by most email providers’ spam filters, but if that doesn’t catch it, then simply do not open an email from someone you don’t personally know. Email hacking occurs when people have weak security on their accounts. To improve your security you can enable 2-step verification, which sends you a text message when someone logs into your account. Email spoofing is when the sender alters the email so it looks like it is coming from someone else. Email spoofing goes along with phishing and spear phishing attacks. However, if you receive a spoofed email, the email provider will usually alert you that the email’s integrity has been compromised.


Unsatisfactory Password Practices


Ever since the existence of the internet, users have always used weak passwords, and that will never change. Did you know that the most commonly used password is 123456? People also tend to use the same password across different platforms. Why do people do this? Because of laziness. Having weak passwords puts a lot of sensitive information at risk. There are endless password cracking tools out on the internet that specialize in cracking simple passwords by brute force. A brute force attack is when a computer uses a dictionary or wordlist to try all the possible candidates for the password. That is why it is so important to create unique passwords with special characters and acronyms to prevent such attacks.


Data backup & Recoveries


Many people do not understand the importance of data backups. Ransomware is malware that infects your device and locks all of your files unless you pay a ransom; if the amount is not paid in a given timeframe, it deletes all of the files. This causes a loss of valuable personal and business data. Ransomware is predicted to cause over $5 billion in damages in 2017. The best way to protect yourself against these attacks is to back up your files on a regular basis. Hopefully you now understand why you should take action and back up your data, because the consequences could be disastrous.