SQL injection attacks continue to be a significant attack vector for threat actors. Use the Internet to research these attacks. What are some recent attacks that have been initiated by SQL injection? How were they conducted? What defenses are there against them? Write a one-page paper on your research.
Some recent attacks that have been initiated by SQL injection and how they were conducted:
* In August 2020, an SQL injection attack was carried out to access information on many Stanford students' romantic interests. This was possible "due to insecure data sanitization standards" on the part of Link, a start-up that was founded on campus.
* In October 2015, an SQL injection attack was carried out to steal over 156,000 customers' personal details from the servers of the British telecommunications company TalkTalk. The attack "exploited a vulnerability" in a legacy web portal.
* In July 2012, a hacker group stole 450,000 login credentials (usernames and passwords) from Yahoo!. "The login credentials were stored in plain text" and they were allegedly taken from a Yahoo subdomain called Yahoo! Voices. The hacker group breached Yahoo's security using a "union-based SQL injection technique".
Defenses against SQL injection attacks:
* Dynamic queries must not be used.
* Security checks (input validation) must be integrated.
* Captcha queries must be used to prove the user is not a robot. Captcha queries must be used to protect forms and allow better internal information processing.
* Whitelist input validation must be used.
* Stored procedures must be used. Some stored procedures may have the same effect as parameterized queries.
* Parameterized database queries should be used, as they prevent attackers or hackers from changing a query's intent.
* One should limit the permissions of the database login used by the web application to only what it requires. Doing this may reduce the effectiveness of any SQL injection attack exploiting a bug in the web application.
* Integer, float, boolean, or string parameters should be checked to see whether their value is a valid representation of the given type.
* One should escape characters that have a special meaning in SQL. This would provide a way that is error-prone, thus preventing injections.
* One should use database firewalls to detect SQL injections based on the number of invalid queries from a host.
* It must be made sure that all web application software components are kept up to date with the latest security patches, without leaving any room for vulnerabilities.
* One should avoid using shared database accounts between different websites or applications.
* SQL statements from database-connected applications must be regularly monitored.
* The database credentials must always be kept encrypted and safely separated.
* Ensure that only minimal information from error messages is displayed to users, not letting them learn anything about your database architecture.
* Remove or delete any database functionality that is no longer needed, to prevent it from being misused, exploited, and attacked by hackers, thus limiting the attack surface.
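The contrast between a dynamic (string-concatenated) query and a parameterized query with allow-list validation, as an added example that is not part of the original answer. The `users` table, its rows, and the username pattern are constructed for illustration; the example uses Python's standard `sqlite3` module.

```python
import re
import sqlite3

# Constructed sample data for the example (not from the original post).
SAMPLE_ROWS = [("alice", "alice@example.com"), ("bob", "bob@example.com")]

# Allow-list (whitelist) pattern for a username: letters, digits, underscore only.
USERNAME_RE = re.compile(r"[A-Za-z0-9_]{1,32}")


def make_db():
    """Build an in-memory database holding the constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, email TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", SAMPLE_ROWS)
    return conn


def validate_username(username):
    """Input validation: accept only values matching the allow-list pattern."""
    return USERNAME_RE.fullmatch(username) is not None


def lookup_dynamic(conn, username):
    """Dynamic query: user data is spliced into the SQL text itself.
    Any quote in the input becomes part of the SQL grammar, which is the
    defect that SQL injection abuses. Shown only as the pattern to avoid."""
    sql = "SELECT email FROM users WHERE username = '" + username + "'"
    return [row[0] for row in conn.execute(sql)]


def lookup_parameterized(conn, username):
    """Parameterized query: the value is bound by the driver, never parsed
    as SQL, so the query's intent cannot be changed by the input."""
    rows = conn.execute("SELECT email FROM users WHERE username = ?", (username,))
    return [row[0] for row in rows]


def dynamic_query_breaks_on(conn, username):
    """True if the dynamic query fails to parse for this input, i.e. the
    data has altered the SQL text. The parameterized version never does."""
    try:
        lookup_dynamic(conn, username)
    except sqlite3.OperationalError:
        return True
    return False


def handle_request(conn, username):
    """Defensive path: validate first, then bind as a parameter."""
    if not validate_username(username):
        raise ValueError("username rejected by input validation")
    return lookup_parameterized(conn, username)
```

Run `handle_request(make_db(), "alice")` to see the validated, parameterized path; an input containing a quote character is rejected before any SQL is built, and even without validation the bound parameter is treated purely as data.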