Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

Database Crime Scene Prevention

Imperva's Amichai Shulman looks at database attack and defense.
Page:

A good detective understands the criminal mind, techniques, and tools of the trade. To protect your database and prevent it from becoming a crime scene, it is crucial to understand the common methods of attack, data theft, and cover up techniques. The suspect line-up can come from outside hackers and from within the ranks of trusted employees, contractors, and partners. Some threats are easily prevented or contained; while others more elusive. Fortunately, many of the security mechanisms and tools required to protect databases are readily available.

This article examines known attacks, methods, and tools used by criminals, as well as emerging exploit categories used to break into a database, establish control, compromise the system, steal the data, and cover up the tracks. We will also cover best practices for protecting databases against these attacks methods.

The database server as a target

Given the wealth of information stored in databases and its value on the open market, it is no surprise that databases are a primary target of criminals. The personal, identity, trade, and military data contained in many repositories can fetch top dollar. Meanwhile, employment instability, mergers, acquisitions, etc., can also contribute to insider data theft. In addition, data can leak out accidentally and though these acts are not criminal, they can result in severe data breaches.

It can be said that the database server provides an attacker with the perfect criminal opportunity, combining motive (the resale value of the information), means (easily available tools), and opportunity (direct access to the server through thick client-applications, lax internal network controls and ill written applications).

The Five-Step Program

Before attempting to implement effective database security, it is crucial to understand the processes that lead to a breach. These processes can be broken down into five basic steps:

  • 1. Tools of the Trade

  • 2. Initial Access

  • 3. Privilege Abuse

  • 4. Privilege Elevation

  • 5. Covering the Tracks

Page:

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: ADC, Crucial, Excel, IPS, Microsoft, Open Market, Oracle, PLUS

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the CIO comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: cybercrime, database
Latest Blog Posts
Whitepapers
  • Reducing Costs Through Better Server Utilisation
    By consolidating systems onto the latest server technology and taking advantage of virtualization techniques, enterprises can optimize datacenter efficiency, gain flexibility, and reduce operating costs—without sacrificing performance or impacting service levels. Read on.
    Learn more »
  • Reconciling Datacenter consolidation and security: It starts with an integrated approach
    There is no question that datacenter consolidation has gone mainstream. A recent IDG Research survey of IT managers found that three out of four organizations are in the midst of, or just completing, consolidation of multiple applications or systems onto a smaller number of servers. Improving performance and availability was the key driver of consolidation efforts for 85% of those surveyed.
    Learn more »
  • Case Study: HJ Heinz
    Heinz has trusted Sophos to protect its desktop users and email systems from malware and spam for many years. As part of its multi-tier approach to IT security, the company needed more robust protection against web-based threats and the use of unauthorised applications.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Recent comments