Ransomware Threat: Keeping Your Network Secure


Cyber Security Risks and Mitigation Strategies

Investment advisory services are offered through CliftonLarsonAllen Wealth Advisors, LLC, an SEC-registered investment advisor. | ©2016 CliftonLarsonAllen LLP
WEALTH ADVISORY | OUTSOURCING | AUDIT, TAX, AND CONSULTING

2017 National Cyber Security Trends
• Over 4 billion data records were stolen in 2016
  ◊ http://www.zdnet.com/article/over-four-billion-data-records-were-stolen-in-2016/
• 312 data breaches as of March 14, 2017
  ◊ https://www.scmagazine.com/report-finds-more-than-312-data-breaches-this-year/article/644421/
• Cyberattacks cost small to medium businesses approximately $86K per incident and larger organizations ten times that amount
  ◊ http://blogs.rsa.com/best-advice-digital-citizens-stop-think-connect/
• Today’s cyber-criminals prefer to target data, rather than to steal dollars

A Few Company Breaches Reported in 2017
• 21st Century Oncology
• Blue Shield
• Cellebrite
• Dun & Bradstreet
• E-Sports Entertainment Association (ESEA)
• HEI Hotels
• Highmark BlueCross BlueShield of Delaware
• Holiday Inn
• Horizon Blue Cross
• Landry's restaurants
• Little Red Door Cancer Services of East Central Indiana
• Madison Square Garden
• MedStar Health
• Neiman Marcus
• Quest Diagnostics
• Radiology Regional Center
• University of Central Florida
• Verity Health
• Verizon Enterprise Solutions
• VTech
• WellCare Health Plans Inc. of Florida
• Yahoo

The Threat Landscape
Know your enemy

Overview – Threat Landscape
• Information Security Risks
  – Data loss
  – Data corruption
  – Data leakage
  – Data access
  – Loss of network privacy
  – Loss of network security
  – Loss of computing equipment
• How do we secure systems?

Definition of a Secure System
“A secure system is one we can depend on to behave as we expect.”
Source: “Web Security and Commerce” by Simson Garfinkel with Gene Spafford
What we expect
  – Confidentiality
  – Integrity
  – Availability

Why are we attacked?

Cybercrime Industry
• Suppliers
• Markets
• Service providers (“cybercrime as a service”)
• Trading systems
• Proliferation of business models

Cybercrime
• Hackers have “monetized” their activity
  – More sophisticated hacking
  – More “hands-on” effort
  – Black market economy
  – 89% of breaches have a financial or espionage motive
    ◊ Verizon 2016 Data Breach Investigations Report (DBIR)
• Phishing is a root cause behind the majority of cyber fraud and hacking attacks, including ransomware

Cybercrime Motivation

How do attackers get in?
• Email Phishing
  – “Spear Phishing”
• Malware
  – targeted
  – ransomware
• Poor Configuration
• Social Engineering
• Employees

How do attackers get in - Protecting Yourself
• Most breaches or malware infections start from one of two scenarios
  – Phishing email
  – Browsing to a compromised/malicious website
• It is important to learn how to identify whether an email message or a website is legitimate and safe

Statistics
Dataset contained approximately 100,000 incidents, of which 3,141 were confirmed data breaches
[Figure: Number of security incidents by victim industry and organization size. 2016 Verizon DBIR]

Statistics
Dataset contained approximately 100,000 incidents, of which 3,141 were confirmed data breaches
[Figure: Number of security incidents with confirmed data loss by victim industry and organization size. 2016 Verizon DBIR]

EMAIL PHISHING
Know the primary attack

What is Email Phishing?
• Simply put:
  – Convince someone to perform an action that will benefit the attacker
• What is that action?
  – Visit a malicious website
  – Download and open a malicious file
  – Provide confidential information
    ◊ (Password, Account Number, etc.)

Email Phishing Attack
• Traditional Attack (Spamming)
  – Attacker targets a large number of users
• Spear Phishing
  – A custom message is built for a specific target
• Whaling
  – “C-level” executives or management are specifically targeted

Spotting a Malicious Link
The link requests the user to visit a website to perform account maintenance.

Uncovering a Malicious Link
1. Hovering over a link with your mouse will show the true path of an email link.
2. This link appears to go to Amazon but is actually going to a malicious site.

Phishing Example

Spoofed Internal Source
• Hackers are becoming more sophisticated with their email phishing attacks every day.
• It is becoming more common for an email phishing message to appear to come from a trusted internal source.

Ransomware
The next great threat?

Ransomware Impact
• Ransomware Damages Predicted to Reach $1 Billion Annually in 2017
• Ransomware spiked 752% in new families in 2016
• Ransomware attacks hit over 700,000 users in one year
• Ransomware threat on the rise as 'almost 40% of businesses attacked’
• The FBI says it received 2,453 complaints about ransomware hold-ups last year, costing the victims more than $24 million

Ransomware - Threat Landscape
http://www.trendmicro.com/vinfo/us/security/research-and-analysis/threat-reports/roundup

Ransomware - Threat Landscape
http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/ISTR2016_Ransomware_and_Businesses.pdf

What is Ransomware?
A type of malicious software designed to block access to a system until a sum of money is paid.
• Low Grade
  ◊ Fake antivirus tools pretend to detect malware issues and demand payment to fix them.
• Middle Grade
  ◊ Law enforcement scams use fake FBI or U.S. Department of Justice messages to claim they've detected illegal activity on your computer for which you need to pay a fine.
• Most Dangerous
  ◊ Pop-up messages say your files are encrypted and demand ransom money be paid by a deadline in order to return them.

What is Ransomware?
• Many variants and constant evolution
  – CryptoWall, CryptoLocker, Mamba, etc.
    ◊ Well over 400 and counting
  – Encrypt all data, hold it “ransom” for $$
    ◊ Data on local machine and on network
    ◊ Payments are often in Bitcoin
• Not just Windows operating systems, also Apple
• Some strains have ransomware web pages that are customized to their victim
• Attack on the Availability of network data

What is Ransomware?
• Easier to do than exfiltration of the data
• Cyber criminals attempt to delete host and network backups
• User credentials are used for network access
• FBI has told victims to pay the ransom if they cannot recover from backups
• FBI stated they have started seeing instances where the victim is not provided a decryption key after paying
• Traditionally delivered through email phishing

Ransomware – Email Phishing Attack
https://www.rsa.com/content/dam/rsa/PDF/2016/08/infographic-detecting-and-responding-to-a-ransomware-attack.pdf?linkId=28575248

Ransomware – Attack
• Malware encrypts everything it can interact with

Ransomware Attacks

Ransomware – Case Studies
Pennsylvania Senate Democrats
• March 3, 2017 - working with Microsoft to restore the system
https://www.aol.com/article/news/2017/03/03/pennsylvania-senate-democrats-fall-victim-to-ransomware-attack/21873178/

Ransomware – Case Studies
Ransomware Hackers Blackmail
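
The hover check from the "Uncovering a Malicious Link" slide can be automated at a mail gateway or during triage, which matters because the deck names email phishing as the traditional ransomware delivery path. The Python below is an added example, not part of the original deck: it compares the host shown in each link's text with the host in its href, and goes slightly beyond the slide by also flagging userinfo placed before the host and raw IP targets. The sample HTML, the function names and every host other than amazon.com are constructed; matching subdomains by suffix without a public-suffix list is a simplifying assumption.

```python
"""Added example: flag e-mail links whose visible text names one host
while the href points somewhere else."""
import ipaddress
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# A host name written in the visible link text, e.g. "www.amazon.com".
HOST_IN_TEXT = re.compile(r"(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})", re.I)


class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def same_site(shown, actual):
    """True when one host equals the other or is a subdomain of it
    (assumption: no public-suffix list is consulted)."""
    shown, actual = shown.lower().rstrip("."), actual.lower().rstrip(".")
    return (shown == actual
            or shown.endswith("." + actual)
            or actual.endswith("." + shown))


def is_ip(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def check_link(href, text):
    """Return the findings for one link; an empty list means nothing flagged."""
    findings = []
    parts = urlsplit(href)
    host = parts.hostname or ""
    if parts.scheme not in ("http", "https") or not host:
        return findings  # mailto:, page anchors, etc. are out of scope here
    if parts.username is not None:
        # "http://trusted-name@real-host/": the part before "@" is not the host
        findings.append("userinfo-before-host")
    if is_ip(host):
        findings.append("raw-ip-target")
    shown = HOST_IN_TEXT.search(text)
    if shown and not same_site(shown.group(1), host):
        findings.append("text-host-mismatch")
    return findings


def scan_html(body):
    """Scan an HTML message body and report every link with findings."""
    parser = LinkCollector()
    parser.feed(body)
    parser.close()
    report = []
    for href, text in parser.links:
        findings = check_link(href, text)
        if findings:
            report.append({"text": text,
                           "target": urlsplit(href).hostname,
                           "findings": findings})
    return report


# Constructed sample body; .example hosts and 203.0.113.7 are reserved for documentation.
SAMPLE_HTML = """
<p>Your account needs maintenance.</p>
<a href="http://amazon.com.account-check.example/signin">https://www.amazon.com/your-account</a>
<a href="https://www.amazon.com/gp/help">www.amazon.com</a>
<a href="http://www.amazon.com@203.0.113.7/login">Sign in</a>
<a href="https://intranet.corp.example/policy">Click here</a>
"""

if __name__ == "__main__":
    for item in scan_html(SAMPLE_HTML):
        print(item["target"], item["findings"], "shown as:", item["text"])
```

Links whose text contains no host name ("Sign in", "Click here") cannot be compared this way, so a reviewer still needs to look at the reported target for those.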