SecureWorks Anticipates Attacks
SecureWorks has seen a dramatic increase in hacker attacks attempted against its banking, credit union and utility clients
ATLANTA -- SecureWorks, a leading Managed IT Security Services Provider, announced that it has seen a dramatic increase in the number of hacker attacks attempted against its banking, credit union and utility clients in the past three months using SQL Injection (a type of Web application attack). "From January through March, we blocked anywhere from 100 to 200 SQL Injection attacks per day," said SecureWorks CTO Jon Ramsey. "As of April, we have seen that number jump from 1,000 to 4,000 to 8,000 per day," said Ramsey.
"The majority of the attacks are coming from overseas," said Ramsey. "And although we certainly see a higher volume with other types of attacks, what makes the SQL Injection exploits so worrisome is that they are often indicative of a targeted attack." This is a type of attack where the hacker has targeted a particular organization, versus a worm which spreads indiscriminately.
"Depending on the sophistication of the attacker, the online criminal can potentially gain access to a bank or utility company’s key customer databases containing social security numbers, account numbers, credit card numbers, email addresses, etc," continued Ramsey.
SQL Injection is a type of security exploit in which the attacker adds Structured Query Language (SQL) code to a Web form input box to gain access to an organization’s resources or to make changes to data. Using this technique, hackers can determine the structure and location of key databases and can download the database or compromise the database server. "What makes this vulnerability so pervasive is that SQL Injection attacks can prey on all types of Web applications - even those as simple as a monthly loan payment calculator or a ‘signup for our customer newsletter’ form," said Ramsey.
Read more about:
2006About the Author(s)
You May Also Like
Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks
May 16, 2024Why Effective Asset Management is Critical to Enterprise Cybersecurity
May 21, 2024Finding Your Way on the Path to Zero Trust
May 22, 2024Extending Access Management: Securing Access for all Identities, Devices, and Applications
June 4, 2024Assessing Software Supply Chain Risk
June 6, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024