Dec 04 2008
This report on large increase in hacker attempts during the holiday season comes from SecureWorks via Market Watch:
The abnormally high attack levels in July, August and September are a result of the rash of SQL Injection attacks we saw this year from a Chinese SQL injection tool and the Asprox trojan, said Jackson.
In July, August and September, hackers used the Chinese SQL Injection tool and the Asprox trojan to launch thousands of SQL Injection attacks so as to build up their botnets,” said Jackson. “With these attacks, they sought out websites that utilized active server pages linked to a Microsoft SQL Server backend and unfortunately a lot of retailers use this platform, thus they became a big target. Of course, this boded well for the hackers because if they could infect high trafficked sites then their chances of infecting large numbers of computers and turning them into bots would be much greater. The bots were then used to send phishing e-mails and launch additional SQL Injection attacks. For retailers, the danger of a SQL Injection attack is that if it is successful then the hacker can potentially gain administrator access to the affected server, thus opening up the entire customer database to the hacker, complete with the customers’ account information which could include credit card data, bank account information, name, address, etc. Even worse, under some circumstances, once the hacker has successfully infiltrated the database server they can use it as a jumping off point to access the rest of the company’s network,” continued Jackson.