SQL Injection and Your Business
What do the recent SQL attacks mean for your business?
If you’ve checked your techie news outlets over the past 24 hours, chances are you’ll have heard of CyberVor. This Russian cyber gang have conducted the largest data breach of our time, according to security researchers. With usernames and passwords believed to have been stolen from 420,000 websites, the gang have certainly been busy.
Using a method known as SQL Injection, CyberVor have brought about fresh fears for the safety of our online data. So how can you protect your business from the threat of a data breach?
First things first: what exactly is SQL Injection?
SQL Injection is a method hackers use to attack and breach a website. CyberVor, our current infamous hackers, will have made use of bugs in the design of a website, where user-provided data wasn’t properly sanitised and was used directly in a database query.
Valid input would have been replaced by input containing code, which the database would have recognised and acted upon. As a result, sensitive information such as usernames and passwords was revealed to the attacker.
How can you set up a guard against SQL Injection for your business?
Technically speaking, there’s no sure-fire way to protect your business website from SQL injection without being a coding genius and/or hacker yourself.
However, there are, of course, actions you can take to protect yourself from any possible fallout in the event that your details are leaked as a result of an SQL Injection attack.
Prioritize your password protection
We all know the importance of a good password. By selecting a strong password, you’re providing the first wall of defense against security breaches. Remember, the best passwords are over 14 characters long, containing letters, numbers and figures. Try to avoid ‘password123’ as it’s a bit of a security game weakener.
Use two-step verification
Having two tiers to anything never goes amiss (think cake), and the same goes for user authentication. Though it may not keep out the most persistent hacking gangs, a two-step verification system could alert you to a potential threat and, at the very least, provides a further obstacle for hackers.
Mark your spam
As standard practice, you should avoid opening emails from unknown sources. While in business this may be unavoidable, following links within said emails could put you at risk of a virus or other infection from malicious content. Mark spam emails to alert your provider, and exercise care when opening suspicious communications.
Stay up-to-date
Keeping on top of your software updates can be the best protection against potential threats. Software companies are forever discovering holes in their systems and resolving them, which highlights the importance of running the latest software available.