SQL injection attack pertain to the SQL (Structured Query Language) programming language and consist of inserting corrupt SQL statements into an entry field. SQL is generally used in order to manage databases. Through the SQL code injection technique, a security breach in the software of an application can be exploited easily. Although SQL injection is mostly used in order to attack websites, any database that functions on SQL can be corrupted. The Open Web Application Security Project, OWASP for short has included SQL injection in its top 10 web application vulnerabilities list in 2007, and six years later in 2013 it peaked at top one.
Types of SQL Injection Attack
There are three main types of SQL injection:
Classic SQL injection, also known as in-band SQL injection
In-band SQL injection is the most common type of attack because it is the easiest one to exploit. This is performed by using the same channel in order to both launch the attack and gather the information. The two most common types of in-band SQL injection attacks are error-based SQL injection and union-based SQL injection.
Blind SQL injection, also known as inferential SQL injection attack
This type of attack is dubbed as being “blind” due to the fact that the attacker performing it is not able to see the results of the attack, but rather reconstructs the database. The two most common types of inferential SQL injection are content injections and time injections.
Out-of-band SQL injection
This type of attack is the most uncommon one because it is rare. This type of attack is the complete opposite of the in-band type, as the name might suggest, meaning that the attacker is not able to use the same channel to launch the hack and gather the information.
Recent SQL Injection Attacks
As previously mentioned, SQL injections are the number one vulnerability of web applications worldwide. This means that, especially in recent years, there have been many cases that involved this type of cyber attacks. More serious cases include the ones in February 2014. The month of February in the year 2014 saw three SQL injection attacks, out of which two happened on the same date, namely February 21st. A hacking group that went by the name of @deletesec successfully leaked over 100.000 user account details by means of such cyber attacks.
Famous universities around the world were also the constant target of such attacks. In October 2012, the personal information of students and staff of famous Ivy League schools such as Harvard, Princeton, Stanford, Cornell and Johns Hopkins came out online by a hacker group that aimed to raise awareness concerning the flaws of the modern educational system. Johns Hopkins was targeted again in March 2014, when their Biomedical Engineering Servers fell prey to a nefarious SQL injection attack which resulted in more data leak.
The most recent known SQL injection attacks occurred in October 2015, when British telecommunications company Talk Talk’s had its servers hacked by an unknown source, resulting in the theft of the personal details of as much as four million users.
Causes and Solutions
The main cause of SQL injection attack is the fact that many applications contain vulnerabilities. However, these attacks are easy to prevent. Dynamic database queries with user supplied input are what generates SQL injection flaws. There are two simple ways to prevent these flaws: either avoiding the writing of dynamic queries, or preventing user supplied input from affecting the software. Besides that two advice, following the recommended internet security tips is a must!
The prevention options are numerous and very easy to execute, and come in the form of prepared statements with parameterized queries, stored procedures, white list input validations or escaping all user supplied input. The last one is the most complex one of the bunch and therefore the most effective. A popular course of action for this is to hex-encode all input. Whatever the case may be, it is important to keep in mind the fact that you can prevent these attacks if you take the time to apply some simple measures. And what are those simple measure? You will find out at the best cyber security tips!