Significant rise in number of SQL injection attacks
Cloud hosting service FireHost reports that the number of registered SQL injection attacks rose by 69 per cent in the past quarter. According to the report, servers located in data centres across Europe and the US registered almost half a million of these attacks in the time between April and June 2012; less than 300,000 had been registered in the first quarter.
The term SQL injection refers to an attack in which the attacker uses specially crafted input, for example in a web site's search feature, to smuggle database commands into a query that the web application then passes straight to the database. Skilled attackers can tailor these commands so that they return the contents of specific database fields – such as the email addresses and passwords of registered users.
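The mechanism described above, shown as an added example that is not part of the original article: the same lookup written once with user input spliced into the query text (the flawed pattern) and once with the input bound as a parameter (the hardened pattern). The users table, its rows and the search term are constructed for the demonstration; the code uses only Python's standard sqlite3 module, so it runs offline.

```python
import sqlite3

# Constructed sample data (not from the article): a minimal users table of the
# kind the article mentions, with email addresses and password hashes.
SAMPLE_USERS = [
    ("alice", "alice@example.com", "hash-of-alice-pw"),
    ("bob", "bob@example.com", "hash-of-bob-pw"),
    ("carol", "carol@example.com", "hash-of-carol-pw"),
]


def make_db():
    """Create an in-memory SQLite database holding the constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (username TEXT, email TEXT, password_hash TEXT)"
    )
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)", SAMPLE_USERS)
    conn.commit()
    return conn


def search_users_vulnerable(conn, term):
    """The flawed pattern: user input is concatenated into the SQL text.

    The database cannot tell where the developer's query ends and the user's
    input begins, so a quote character in `term` rewrites the WHERE clause.
    """
    sql = "SELECT username, email FROM users WHERE username = '" + term + "'"
    return conn.execute(sql).fetchall()


def search_users_parameterized(conn, term):
    """The hardened pattern: the query text is fixed and the input is bound
    as a parameter, so whatever the input contains is treated only as a value.
    """
    sql = "SELECT username, email FROM users WHERE username = ?"
    return conn.execute(sql, (term,)).fetchall()


def demo():
    """Run both variants against a benign and a crafted search term."""
    conn = make_db()
    benign = "alice"
    # Constructed input: inside the vulnerable query it closes the string
    # literal and turns the condition into a tautology, so every row comes back.
    crafted = "' OR '1'='1"
    return {
        "vulnerable_benign": search_users_vulnerable(conn, benign),
        "vulnerable_crafted": search_users_vulnerable(conn, crafted),
        "parameterized_benign": search_users_parameterized(conn, benign),
        "parameterized_crafted": search_users_parameterized(conn, crafted),
    }


if __name__ == "__main__":
    for name, rows in demo().items():
        print(f"{name}: {rows}")
```

With the benign term both functions return the single matching row. With the crafted term the concatenated query returns all three users, while the parameterized query returns nothing, because the database looks for a username that literally equals the odd string. The fix is therefore structural: the query text never changes, so no input can alter what it does.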
Therefore, security holes that provide the opportunity for SQL injection in web applications are among the most dangerous, because they directly put the data on affected servers at risk. SQL injection vulnerabilities in servers are likely the ultimate cause of most of the recently disclosed password leaks from LinkedIn to Gamigo.
Still, it would be difficult to establish a concrete connection between FireHost's observations and the sharp, or at least perceived, increase in the number of password leak incidents – after all, many of the intrusions took place quite some time ago. There could, however, be a causal link in the opposite direction: attackers may have been inspired by the recent data leaks. In any case, it is high time for server operators to put preventive measures in place before they become a target.