SQL Injection Attacks Targeting Small Business
A SQL injection is a virus or bug that effects an application that is not properly coded or secured. There are many different configurations of various software used to build and run a website. An example would be the common Word Press blog platform that many use and has been found to be vulnerable. This is just one of hundreds of applications that can be hacked in this way.
The Last Watchdog reports “Small- and medium-sized business — SMBs – remain in the thick of the steadily rising tide of cyber-attacks. Even as SMBs use cloud services to tap into support services, giving owners time to focus on what they do best, criminals are staying several steps ahead.” SQL injections have evolved in their purpose and sophistication. Originally meant as a tool to attack a merchant’s database and steal data, the attack has been reconfigured to install viruses on users’ computers that contain a remote control component.
Matt Chambers a security consultant says, “Web applications are one of the most outward facing components a corporation contains in its network design, and one of the least protected. Applications typically take input information and send it to a database for storage and processing. We interact with these kinds of applications every day, whether it’s a signup form or a login page for a favorite networking site.”
Lax network security practices by consumers and small businesses are giving scammers a base from which to launch attacks. Botnet hackers set up phishing websites targeting well known online brands. They send junk mail emails and install redirection services to deliver viruses, malware and keyloggers. This means small business must have systems in place to prevent these hacking attacks.
At a minimum, computers with old, outdated, or unsupported operating systems like are extremely vulnerable. Systems using old or outdated browsers such as offer the path of least resistance.
To protect yourself against SQL Injection attacks, update your operating system to XP SP3 or Windows 7. Make sure to set your antivirus software to update automatically. Keep your critical security patches up-to-date by setting Windows Update to run automatically as well. And don’t engage in risky online activities that invite hacking attacks.