What is SQL Injection?
An SQL injection is a type of cyber attack in which a hacker uses a piece of SQL (Structured Query Language) code to manipulate a database and gain access to potentially valuable information.
It's one of the most prevalent and threatening types of attack because it can potentially be used against any web application or website that uses an SQL-based database.
How Does SQL Injection Work?
In standard software practice, an SQL query is essentially a request sent to a database — a computerized repository of information — asking it to perform some activity, such as retrieving data or executing a piece of SQL code.
One such example is when login information is submitted via a web form to allow a user access to a site.
Typically, this type of web form is designed to accept only very specific types of data, such as a name and/or a password. When that information is submitted, it's checked against the database; if it matches, the user is granted entry, and if not, they're denied access.
Potential problems arise because most web forms have no way of stopping additional information from being entered into their fields. Hackers can exploit this weakness by using the input boxes on the form to send their own requests to the database. This could allow them to carry out a range of nefarious activities, from stealing sensitive data to manipulating the information in the database for their own ends.
An Increasing Problem
SQL injection is one of the oldest methods of cyber assault, and because of the prevalence of websites and servers that rely on databases, it remains one of the most widespread.
Several developments in the hacker community have increased the risk of this type of attack, most notably the advent of automated SQL injection programs.
Freely available from open source developers, automated SQL injection programs allow cybercriminals to carry out an attack in only a few minutes, giving them access to any table or any column in the database with little more than a click to start the attack process.
There are multiple ways to prevent these types of attacks, including using a web application firewall, such as the firewalls found in various Kaspersky security solutions. Another preventative measure is to create separate database user accounts, so that only specific and trusted individuals have access to the database.
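The login-form scenario described above, and the prevention theme of this section, in working code. This is an added example, not code from the original article or from any Kaspersky product: it places a login check that concatenates form input into the SQL text beside the same check written as a parameterized query, using Python's built-in sqlite3 module and a constructed in-memory user table.

```python
import sqlite3

# Constructed sample data for the demonstration (not from any real system).
# Passwords are stored in clear text only to keep the example short;
# a real login table would hold salted password hashes.
conn = sqlite3.connect(":memory:")
conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
conn.executemany("INSERT INTO users VALUES (?, ?)",
                 [("alice", "correct horse"), ("o'brien", "battery staple")])
conn.commit()


def login_vulnerable(username, password):
    """Builds the query by string concatenation.

    Whatever the user types into the form becomes part of the SQL text,
    so input containing a quote character is interpreted as SQL rather
    than as data.
    """
    query = ("SELECT COUNT(*) FROM users WHERE username = '" + username
             + "' AND password = '" + password + "'")
    return conn.execute(query).fetchone()[0] > 0


def login_safe(username, password):
    """Parameterized query: the fixed SQL text is sent separately from the
    form input, which the driver binds as data. Input can never alter the
    query's structure, and a literal quote in a name is handled correctly."""
    query = "SELECT COUNT(*) FROM users WHERE username = ? AND password = ?"
    return conn.execute(query, (username, password)).fetchone()[0] > 0


def try_login(fn, username, password):
    """Runs a login function and reports its outcome as a string, so the
    two approaches can be compared on the same input."""
    try:
        return "granted" if fn(username, password) else "denied"
    except sqlite3.OperationalError:
        # The concatenated query became malformed SQL.
        return "error"


if __name__ == "__main__":
    for user, pw in [("alice", "correct horse"),       # valid credentials
                     ("alice", "wrong"),               # wrong password
                     ("o'brien", "battery staple"),    # legitimate apostrophe
                     ("alice", "' OR '1'='1")]:        # form input that is SQL
        print(f"{user!r:10} vulnerable={try_login(login_vulnerable, user, pw):8}"
              f" safe={try_login(login_safe, user, pw)}")
```

The apostrophe case shows that the concatenated version is also simply broken for legitimate names, while the parameterized version both rejects the injected input and accepts the real user.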