Technology is advancing at an incredible pace, and the technologies that underpin websites and web applications are becoming more and more sophisticated. Databases are among these advancements, and over time SQL became the go-to language of the database world. As infrastructure changes from “cloud hosted” to “cloud native,” the SQL or relational database market is also transforming to meet the demands of the new cloud-native infrastructure layer.
SQL (Structured Query Language) is used for storing, manipulating and retrieving data in a relational database. It is the lingua franca of relational database management systems (RDBMS) such as MySQL, MS Access, Oracle, Postgres etc.
Simply put, SQL is the doorkeeper that grants access to a database. But lately, questions have started to emerge regarding the security of this database doorkeeper. It is not only the good side of technology that is becoming sophisticated; the bad side has also found ways to fool the SQL doorkeeper and get inside a database.
What Is SQL Injection?
Before jumping right into how SQL can be used to hack databases, let’s understand the anatomy of a database. A relational database stores its data in tables, which have rows (also called records) and columns (also called fields). So if a table contains information such as ID, Name, Username, and Password, SQL injection is always the attackers’ preferred way to get at it.
Databases today are used in several situations, and one of the most common configurations is a database serving as the backend to a web application. And in order to gain access to that database, SQL injection has become the go-to technique for hackers.
But how are SQL injection attacks carried out? This technique of compromising databases works when input fields are not properly sanitised or escaped. By entering malicious SQL commands, attackers can fool the SQL doorkeeper and let themselves in. SQL injection has become really popular over the years. It is also considered to be one of the most effective and impactful hacking techniques, letting hackers gain access to sensitive information, tamper with data, destroy data, or even escalate privileges.
The first and foremost step for a hacker carrying out an SQL injection attack is to discover user inputs that are vulnerable. Why? Because web pages and applications with such a vulnerability let users push input directly into an SQL query. Once the vulnerability is found, the hacker just needs to push a payload of malicious SQL commands that get executed in the database.
There are three types of SQL injection:
Union-Based SQL Injection: It is one of the most popular types of SQL injection that hackers go for. Union-based injections use the UNION statement to pull data from the database.
Error-Based SQL Injection: This might be the simplest form of SQL injection, but it has a difficulty too: it runs only with MS-SQL Server. The whole concept of this attack is to crash the application or web page and make it show an error. Once the error appears, the attacker follows up with SQL queries that make the database reveal the data being sought.
Blind SQL Injection: Among all the types of SQL injection, it is the most complicated yet effective one. This attack is carried out when no error can be obtained; the hacker randomly pushes in queries to make the database answer the questions.
How to Mitigate And Prevent A SQL Injection
On 19 September, during the 2010 Swedish general election, a voter attempted a code injection by SQL commands as part of a write-in vote. Another instance was on November 8, 2010, when the British Royal Navy website was pwned using SQL injection by a Romanian hacker. That is not all: during the 2016 US presidential election, SQL injection was carried out as well. The attack targeted the Illinois Board of Elections and was used to wipe the personal data of 2,00,000 citizens, and the database was taken offline for 10 days to fix the vulnerabilities exploited to gain access.
Over the years, many organisations have fallen victim to SQL injection attacks, and with advancing technology, hackers are also becoming sophisticated. So, how do we combat or mitigate SQL injections? The way to keep data safe from a SQL injection is to make sure that the input fields in a web page or an application are strongly sanitised.
Companies also need to make sure that potentially malicious code elements such as single quotes are stripped out and that database errors are not visible. Moreover, there are cases where a SQL vulnerability is found but cannot be fixed immediately. In that case, it is advised to use a web application firewall to sanitise the input, at least on a temporary basis.
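What unsanitised input does to a query, and what hiding database errors looks like, as an added example that is not part of the original article. It assumes an in-memory SQLite database, and the table, the function names and the sample inputs are constructed for illustration. The hardened lookup uses bound parameters, a technique the article does not name, as the way of keeping input out of the SQL text.

```python
import logging
import sqlite3

# Constructed sample inputs: a normal username, a legitimate name containing a
# single quote, and a test string whose quote changes the WHERE clause.
SAMPLES = ["alice", "o'brien", "x' OR '1'='1"]

def make_db():
    """In-memory table (hypothetical) with the columns the article lists."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT,"
               " username TEXT, password TEXT)")
    db.executemany(
        "INSERT INTO users (name, username, password) VALUES (?, ?, ?)",
        [("Alice Example", "alice", "placeholder-1"),
         ("Bob O'Brien", "o'brien", "placeholder-2")])
    return db

def lookup_concatenated(db, username):
    """Vulnerable: the input is pasted into the SQL text and parsed as SQL."""
    sql = "SELECT id, name FROM users WHERE username = '" + username + "'"
    return db.execute(sql).fetchall()

def lookup_bound(db, username):
    """Hardened: the input travels as a bound parameter, only ever as data."""
    sql = "SELECT id, name FROM users WHERE username = ?"
    return db.execute(sql, (username,)).fetchall()

def handle_request(db, username, lookup):
    """Run a lookup; database errors go to the server log, not to the user."""
    try:
        return "ok", lookup(db, username)
    except sqlite3.Error as exc:
        logging.warning("lookup failed: %s", exc)
        return "error", []

def compare(samples=SAMPLES):
    """Map each input to (concatenated result, bound result)."""
    db = make_db()
    return {s: (handle_request(db, s, lookup_concatenated),
                handle_request(db, s, lookup_bound)) for s in samples}

if __name__ == "__main__":
    for value, (weak, strong) in compare().items():
        print(f"{value!r:16} concatenated={weak} bound={strong}")
```

With the concatenated query, the quote in the third input returns every row and the quote in the second one breaks the statement, while the bound query treats both as plain usernames.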