If recent breaches of corporate data stores teach us nothing else, they teach us that that a database compromise can be extremely damaging -- and expensive. They also underscore the importance of strong database security policies. If data is a target, then the walls around that target must be as difficult to scale as possible.
"Servers and databases have continued to be a crucial target for hackers," says John Harrison, senior manager at Symantec Security Response. "More and more information is readily being stored on them. ... Just in terms of identities exposed via data breach in 2011, there were 232.4 million, with more than 1.1 million identities exposed per breach on average. That provides insight into the scope of the issue."
But planning a good defense means understanding a good offense -- in this case, what hackers do and what they want. From SQL injection vulnerabilities to user provisioning to poor configurations, attackers will use whatever foothold they can find to circumvent security.
Not all hackers want to monetize your data; some just want to splash it all over the Internet. An example of this would be the hack late last year of security think tank Stratfor Global Intelligence, in which hackers associated with LulzSec compromised Stratfor’s network and stole confidential information. According to Verizon’s latest data breach report, hacktivists were tied to 58% of the stolen records in the breaches the firm investigated.
Then there are the insider threats -- people like database administrator Steven Jinwoo Kim, who was sentenced to a year in prison in 2010 after admitting that he accessed the GEXA Energy corporate network after he was fired from the company, stole information and tampered with the database.
We don't always know what motivates hackers -- be it greed, anger, or the desire to make a political statement -- but what is certain is that they want your data. And to get what they want, they have to raid your database. This might mean finding the key -- also known as a weak password -- for the door that is guarding it or poking a hole in the door in order to tear it wide open. Or it might mean using a side window -- many of today’s hackers do so via Web applications vulnerable to SQL injection.
To learn more about SQL injection and the other methods hackers use to crack your database -- and to get some insight on how to stop them -- download the free report on how attackers exploit database vulnerabilities.
Have a comment on this story? Please click "Add a Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.