2. Overview
Executive Summary
SQL Injection Threat Defined
Risk of SQL Injection Attack
Impact of SQL Injection Attack
Potential Costs and Penalties
Threat Level
Recommendations
Organizational Constraints
Phase I Immediate Response
Phase II Medium Range Response
Phase III Long Term Response
Suggested Next Steps
Other Sources
Questions
3. Executive Summary
• A security-related vulnerability in SQL software code has been identified
• Data at risk for unauthorized access, alteration, theft and misuse
• Both risk and impact are high, meaning overall threat level is high
• Take a three-step approach to mitigate the threat
4. SQL Injection Threat Defined
• Attacker adds Structured Query Language (SQL) code to a Web form input box to gain access to resources or make changes to data.
• Usually, the injected values are inserted into a SELECT query
• Attackers can then interact with the database in illicit ways, including making unauthorized changes, which would damage data integrity
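The flaw the slide describes, shown in code as an added example (not part of the original deck): a form value spliced into a SELECT statement beside the parameterized version that treats the same value as data. The table, rows and form inputs are constructed for the demonstration.

```python
import sqlite3

def make_db():
    # Constructed in-memory sample table; not data from the original deck.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER, username TEXT, balance INTEGER)")
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)",
                     [(1, "alice", 100), (2, "bob", 250), (3, "carol", 75)])
    return conn

def lookup_vulnerable(conn, username):
    # The form value is spliced into the SQL text, so any SQL syntax in the
    # value becomes part of the query: the defect the slide describes.
    sql = f"SELECT id, username, balance FROM users WHERE username = '{username}'"
    return conn.execute(sql).fetchall()

def lookup_parameterized(conn, username):
    # The value is bound as a parameter and travels separately from the SQL
    # text; the database driver never interprets its contents as SQL.
    sql = "SELECT id, username, balance FROM users WHERE username = ?"
    return conn.execute(sql, (username,)).fetchall()

def demo(username):
    # Returns (rows from the vulnerable query, rows from the safe query)
    # for one and the same form input.
    conn = make_db()
    return (lookup_vulnerable(conn, username), lookup_parameterized(conn, username))

if __name__ == "__main__":
    normal = "alice"                 # ordinary form input
    hostile = "' OR '1'='1"          # constructed input containing SQL syntax
    print(demo(normal))              # both queries return alice's row
    print(demo(hostile))             # vulnerable query returns every row; safe query returns none
```

For the ordinary input both queries agree; for the input containing SQL syntax the concatenated query returns the whole table, while the parameterized query finds no user by that literal name.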
6. Risk of SQL Injection is High
• Manual attack
• Automated attack
• Risk of SQL injection exploits is on the rise due to the proliferation of automated attack tools.
7. Impact of SQL Injection is High
• Allows attackers to spoof identity, tamper with existing data, cause repudiation issues such as voiding transactions or changing balances, allow the complete disclosure of all data on the system, destroy the data or make it otherwise unavailable, and become administrators of the database server.
8. Costs and Penalties
• HIPAA, FERPA, PCI
• Fines, penalties, lawsuits
• Prison in extreme cases
• Image and reputation
9. Threat Level is High
• As both the risk and potential impact of an SQL injection attack are rated as high, the overall threat level is also rated as high, meaning that an SQL injection attack is very likely to occur and that the damage which could be caused by such an attack is capable of being devastating.
10. Recommendations
• It is recommended that the organization take immediate as well as phased-in action to mitigate the risk of an SQL Injection Attack on our database application.
• Three phases, ranging from immediate to medium range to long term
12. Phase I - Immediate
• Leverage the organization’s centralized login service to place authentication protection in front of the database.
• While this does not fix the underlying SQL injection software code, it does place a perimeter of protection around the vulnerable database
• Inexpensive, easy to implement
13. Phase II – Medium Range
• Within the next 90 days, develop a specific project plan and work plan to rewrite the vulnerable software application.
• Present to upper management, outlining the risks and impacts of this threat, so that a solid case can be made for the staff time and funding required to prioritize and fix the software application.
14. Phase III – Long Term
• As time and budgets permit, ask the software engineers to attend training sessions
• This will ensure that database software applications built in the future will have SQL Injection Attack security baked in from the beginning
15. Next Steps
• Obtain management’s permission to immediately proceed with the tactical authentication solution, to place a perimeter of security around the vulnerable SQL software code.
• Develop a presentation for upper management which describes the threat posed by an SQL Injection Attack and ask for their permission to develop a project plan and work plan to rewrite the vulnerable database software application, beginning three months from now.
• Contact the education department and ask them to research dates and costs for SQL Injection Attack training for software engineers, over the course of the next year.