Identity Theft Expert Robert Siciliano

IBM Internet Security Systems discovered 50% more web pages infected in the last quarter of 2008 than in the entire year of 2007.

The infection is called a SQL injection. From Wikipedia, a “SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application.”

In other words a SQL injection is a virus or bug that effects an application that is not properly coded or secured. There are many different configurations of various software used to build and run a website. An example would be the common WordPress blogs that many use and has been found to be vulnerable. This sql is just one of hundreds of applications that can be hacked in this way.

In 2005 a now defunct company called CardSystems, a 3rd party payment processor suffered a SQL injection compromising a reported 40 million credit cards.

Since that time criminal hackers have multiplied their efforts. SQL injections have evolved in their purpose and sophistication. Originally meant as a tool to attack a merchants database and steal data, the attack was reconfigured last summer to install viruses on users computers that contain a remote control component.

Matt Chambers with Corporate IT Solutions says “Web applications are one of the most outward facing components a corporation contains in its network design, and one of the least protected. Applications typically take input information and send it to a database for storage and processing. We interact with these kinds of applications every day, whether its a signup form or a login page for a favorite networking site.”

The attack on the users PC is simple. Often called a “drive-by” because sometimes all the user needs to do is surf the site. Many of the attacks take place when doing common web task such as watching videos, listening to music or downloading files.

The unsuspecting PC users surfs an infected site and BAM, code is injected onto their PC and they are infected. Their PC becomes part of a “botnet” which is a robot network of computers specifically designed for hacking.

Bots, the PCs infected are also known as zombies. Zombies, as a result of the SQL injection, generally have a virus installed that gives the hacker control from anywhere in the world. The “botnet” can be 10 PCs, 10,000 PCs and into the hundreds of thousands. Studies show there are potentially million and millions of zombies globally part of numerous botnets. botnet1

Lax security practices by consumers and small business are giving scammers a base from which to launch attacks. Botnet hackers set up phishing websites targeting well-known online brands. They send junk mail e-mails and install redirection services to deliver viruses, malware and keylogggers.

USA Today reports IBM Internet Security Systems for their clients blocked 5000 SQL injections every day in the first 2 quarters of 2008. Mid year the number grew to 25,000 a day. By late fall attacks climbed to 450,000 daily.

The key to identity theft protection and prevention and from being a zombie, is to engage in every update for every browser you use, media player, updating your operating system and recommended McAfee anti-virus protection.

I’m excited to work with uni-ball in 2009 in a partnership to help raise awareness about the growing threat of identity theft and provide tips for protecting yourself. Check out uniball-na.com for more information.

Identity Theft Speaker Robert Siciliano discusess SQL injection here

Be Sociable, Share!