Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Advice available on how to report SQL injection attacks

Sophos : 20 November, 2012  (Technical Article)
Sophos provides UK businesses with advice on what procedures to follow for reporting SQL injection attacks
Advice available on how to report SQL injection attacks

IT security and data protection firm Sophos has produced advice for businesses affected by SQL injection attacks, including how to report incidents to the authorities and the various legal implications within different countries and jurisdictions.

In the UK for example, a malicious hacker behind a SQL injection attack initially commits the Computer Misuse Act (CMA) offence of "Unauthorised Access" by using SQL injection to facilitate access to a server, and then commits a further CMA offence of "Unauthorised Act with Intent to Impair” if database tables are modified or deleted.

Sophos suggests that businesses take the following steps to protect websites from SQL injection attacks:

- Ensure all data is regularly and adequately backed-up
- Enable full, secure logging of the server to be able to analyse and identify future attacks
- Add scripts to catalogue the entire contents of the web folders, in order to highlight unexpected file additions or modifications
- Consider proper security auditing of websites by a suitably accredited penetration testing professional or company

“Following a SQL injection attack companies should archive the contents in the current state, take down the affected website and replace it with a holding page, whilst also restricting secure file transfer and other remote access programmes as well as changing all passwords,” advised Bob Burls, writing on the Sophos Naked Security website.  “All server logs that have been gathered before and during the attack should be archived and retained as potential evidence.  Once the site has been cleaned and audited, only then should it be brought back online.”

“In general, it's important that all computer crime is reported.  Even if no investigation follows, intelligence can be built up and an accurate picture of the levels of computer crime can be produced.  If victims of a particular crime do not come forward to report incidents, then statistics will not be an accurate reflection of the number of crimes taking place.” summarised Burls.

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo