SQL injection attacks still a major threat

News by Ava Fedorov

Education and deploying the necessary mitigation tactics to prevent SQLi attack should be top of mind for everyone, says Barry Shteiman.

This past month, according to Imperva's Community Defence service, of the 300,000 attack campaigns that have occurred globally 24.6 percent were SQLi attacks. Writing in response to this revelation, Barry Shteiman, director of security strategy at Imperva, noted the overarching cost of such SQL injection attacks.

The recent incident of the US Navy SQLi database breach exposes the true damage such attacks can yield. Prior to being shut down, the attack cost more than 220,000 naval service members their personal information and cost the Navy more than £300,000 (US$ 500,000) in recovery.

Though a staggering sum, Shteiman points out in his blog, that the cost for even a minor SQLi attack is around £120,000 (US$ 200,000) —“a hefty price to pay for an attack vector that was solved by web application security technologies, however due to lack of awareness and application security - that vector is still a money maker for hackers.”

“Education and deploying the necessary mitigation tactics to prevent an attack should be top of mind for everyone,” says Shteiman. “It's certainly one step to avoid a breach.”

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Upcoming event 

Webcast: Understanding this year's biggest adversaries - and how to combat them 

Nation-state activity, versatile, slippery strategies and Big Game Hunting - the threats are real, dangerous and ever changing. 
Brought to you in partnership with Crowdstrike