The reason databases are targeted so often is quite simple—they are at the heart of any organization, storing customer records and other confidential business data. It is necessary to secure your data from various database threats.
When hackers and malicious insiders gain access to sensitive data, they can quickly extract value, inflict damage or impact business operations. In addition to financial loss or reputation damage, breaches can result in regulatory violations, fines and legal fees.
Top Ten Database Security Threats
- Excessive and Unused Privileges: When someone is granted database privileges that exceed the requirements of their job function, these privileges can be abused.
- Privilege Abuse: Users may abuse legitimate database privileges for unauthorized purposes.
- Input Injection: There are two major types of database injection attacks: 1) SQL Injection that targets traditional database systems and 2) NoSQL Injection that targets Big Data platforms. SQL Injection attacks usually involve inserting (or “injecting”) unauthorized or malicious statements into the input fields of web applications. On the other hand, NoSQL injection attacks involve inserting malicious statements into Big Data components (e.g., Hive or MapReduce). In both types, a successful Input Injection attack can give an attacker unrestricted access to an entire database.
- Malware: Cybercriminals, state-sponsored hackers, and spies use advanced attacks that blend multiple tactics – such as spear phishing emails and malware – to penetrate organizations and steal sensitive data. Unaware that malware has infected their device, legitimate users become a conduit for these groups to access your networks and sensitive data.
- Weak Audit Trail: Automated recording of database transactions involving sensitive data should be part of any database deployment. Failure to collect detailed audit records of database activity represents a serious organizational risk on many levels.
- Storage Media Exposure: Backup storage media is often completely unprotected from attack. As a result, numerous security breaches have involved the theft of database backup disks and tapes.
- Exploitation of Vulnerabilities and Misconfigured Databases: It is common to find vulnerable and unpatched databases, or to discover databases that still have default accounts and configuration parameters. Attackers know how to exploit these vulnerabilities to launch attacks against your organization.
- Unmanaged Sensitive Data: Many companies struggle to maintain an accurate inventory of their databases and the critical data objects contained within them. Forgotten databases may contain sensitive information, and new databases can emerge – e.g., in application testing environments – without visibility to the security team. Sensitive data in these databases will be exposed to threats if the required controls and permissions are not implemented.
- Denial of Service: Denial of Service (DoS) is a general attack category in which access to network applications or data is denied to intended users. The motivations behind DoS attacks are often linked to extortion scams in which a remote attacker will repeatedly crash servers until the victim meets their demands. Whatever the source, DoS represents a serious threat for many organizations.
- Limited Security Expertise and Education: Often this is due to the lack of expertise required to implement security controls, enforce policies, or conduct incident response processes. According to the Ponemon Institute 2014 Cost of Data Breach Study, for 30 percent of data breach incidents, the main root cause was classified as the “human factor” – in other words, a negligent employee or contractor.