Alert Logic August 2006 SMB IT Network Security Update: Medium-Size Financial Services Firms Targeted by SQL Injection Attacks.HOUSTON -- On-Demand IT Security Company Alert Logic Finds SQL Injection SQL injection is a technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not Attacks Account for Up to 90 Percent of Monthly Threats to SMB (1) (Small to Medium-sized Business) Also called "SME" (small to medium-sized enterprise), it refers to companies that are larger than the small office/home office (SOHO), but not huge. Financial Firms Alert Logic, the only IT network security company leveraging a Software-as-a-Service (SaaS) platform to deliver on-demand protection to mid-sized businesses, reports that SQL injection attacks comprise the overwhelming majority of attacks on medium-size financial firms it provides network protection for. While SQL injection attacks typically make up 20 percent of attacks aimed at other SMB markets See SMB. , Alert Logic has found that SQL injection attacks account for 90 percent of attacks logged against its financial clients over the past quarter. SQL injection attacks leverage software vulnerabilities to insert malicious code into databases - they cannot be stopped by firewalls because they appear to be legitimate network traffic. If the breach is successful, hackers are potentially able to read files stored in sensitive databases. For financial services The examples and perspective in this article or section may not represent a worldwide view of the subject. Please [ improve this article] or discuss the issue on the talk page. companies, breaches in database security are among the most damaging attacks faced due to the sensitive nature of data stored in financial firm databases. The overwhelming number of SQL injection attacks aimed at financial services firms, discovered through Alert Logic's 24X7 network surveillance service, is further evidence of the specific targeting of SMBs by hackers and criminal organizations. In the past, most email-borne IT threats were designed to hit as many companies as possible, regardless of their size or business niche. Criminal organizations have changed those tactics to specifically target SMBs, who often depend solely on firewalls for network protection and as a result are not sufficiently protected from well-designed attacks tailored for individual business sectors, such as financial services. Chris Smith Chris Smith is the name of: In politics:
v. lin·gered, lin·ger·ing, lin·gers v.intr. 1. To be slow in leaving, especially out of reluctance; tarry. See Synonyms at stay1. 2. thoughts that SMBs had regarding their ability to be under the radar This article is about the magazine. For other uses, see Under the Radar (disambiguation). Under the Radar is an American magazine that bills itself as "The solution to music pollution." It features interviews with accompanying photo-shoots. for these criminal hacking See hack and hacker. groups should be gone. SQL injection attacks are the best way to get to database information and for financial services firms, database information is the most sensitive. Any medium-size financial services company depending on firewall and antivirus Refers to detecting and blocking computer viruses. See antivirus program, behavior blocking, virus and virus hoaxes. protection alone is not sufficiently protected and has probably already been breached." SQL injection attacks can be detected and stopped through the use of 24X7 network intrusion protection technology. Hosted network security solutions, such as Alert Logic, are able to stop SQL injection attacks that are not stopped by firewalls - they also provide around the clock network surveillance, up-to-date threat detection technology and quick reaction time to any security alerts. About Alert Logic Alert Logic improves internal network security at a fraction of the cost of conventional network security products. Its unique on-demand delivery model combines appliance-based threat management technology with dedicated security experts who monitor networks for threats 24x7 - delivering better security for minimal effort and cost. As a result, Alert Logic customers can detect threats, protect assets, and correct exposures before they impact their businesses. Headquartered in Houston, Texas “Houston” redirects here. For other uses, see Houston (disambiguation). Houston (pronounced /'hjuːstən/) is the largest city in the state of Texas and the , more information about Alert Logic's Network Protection On Demand is available at www.alertlogic.com |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion