Presenter: Zubair Rahim
Outline
• Hacker vs Programmer
• What is database security?
• Data breach
• Database Attacks
Data breach
• A data breach occurs when a cybercriminal successfully extracts sensitive information. This can be done physically, by accessing a computer or network to steal local files, or remotely, by bypassing network security.
Data breach
• More than 2.5 billion records were stolen in 2017 ...
Database Attacks
1. Excessive privileges
2. Privilege abuse
3. Platform vulnerabilities
4. SQL injection
5. Denial of service
6. Database protocol vulnerabilities
7. Stolen backup (unencrypted) tapes
1. Excessive privileges
• When users (or applications) are granted database privileges that exceed the requirements of their job function, these privileges may be used to gain access to confidential information.
• For example, a university administrator whose job requires read-only access to student records may take advantage of excessive update privileges to change grades.
• Solution
  • Query-level access control restricts privileges to the minimum required operations and data.
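The university example above, worked through as an added example that is not part of the slides: a read-only role may look up a grade but any UPDATE it attempts is refused before it touches the data. The code uses SQLite's statement authorizer (a real API of Python's sqlite3 module) to stand in for the GRANT/REVOKE a server database would use; the table, the rows and the role names records_viewer and registrar are constructed for the example.

```python
import sqlite3

# Constructed sample data (not from the slides): a student-records table
# holding the grades the read-only administrator must not be able to change.
def build_student_db():
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE student_records "
        "(student_id INTEGER PRIMARY KEY, name TEXT NOT NULL, grade TEXT NOT NULL)"
    )
    conn.executemany(
        "INSERT INTO student_records VALUES (?, ?, ?)",
        [(1, "Ada", "A"), (2, "Grace", "B"), (3, "Linus", "C")],
    )
    conn.commit()
    return conn

# Hypothetical role names chosen for this example. Each maps to the set of
# statement-level actions the role is NOT allowed to perform.
WRITE_ACTIONS = {sqlite3.SQLITE_INSERT, sqlite3.SQLITE_UPDATE, sqlite3.SQLITE_DELETE}
ROLE_DENIED_ACTIONS = {
    "records_viewer": WRITE_ACTIONS,  # read-only: SELECT allowed, all writes denied
    "registrar": set(),               # may both read and change records
}

def make_authorizer(role):
    """Build an SQLite authorizer callback that enforces the role's allowed operations.

    SQLite calls the callback once per action while compiling a statement, so a
    denied UPDATE never reaches the data at all: the statement fails to prepare.
    """
    denied = ROLE_DENIED_ACTIONS[role]

    def authorizer(action, arg1, arg2, db_name, trigger_or_view):
        if action in denied:
            return sqlite3.SQLITE_DENY
        return sqlite3.SQLITE_OK

    return authorizer

def run_as(conn, role, sql, params=()):
    """Execute one statement under the given role's query-level access control.

    Returns ("ok", rows) or ("denied", message) so the caller can tell which happened.
    """
    conn.set_authorizer(make_authorizer(role))
    try:
        rows = conn.execute(sql, params).fetchall()
        conn.commit()
        return ("ok", rows)
    except sqlite3.DatabaseError as exc:  # SQLITE_AUTH surfaces as "not authorized"
        conn.rollback()
        return ("denied", str(exc))

if __name__ == "__main__":
    db = build_student_db()
    print(run_as(db, "records_viewer", "SELECT grade FROM student_records WHERE student_id = ?", (2,)))
    print(run_as(db, "records_viewer", "UPDATE student_records SET grade = 'A' WHERE student_id = 2"))
    print(run_as(db, "registrar", "UPDATE student_records SET grade = 'A' WHERE student_id = 2"))
```

The point of enforcing the rule in the database layer rather than in the application is that it holds no matter which client the user connects with: the grade change is refused whether it comes from the records application, a spreadsheet or an interactive shell.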
2. Privilege abuse
• Privilege is abused when a system user performs an action that is not in accordance with corporate policy or law.
• Users may abuse legitimate data access privileges for unauthorized purposes.
• For example, a user with privileges to view individual patient records via a custom healthcare application client may abuse that privilege to retrieve all patient records via an MS-Excel client.
• Solution
  • The solution is access control policies that apply not only to what data is accessible, but to how data is accessed.
  • By enforcing policies for time of day, location, application client and volume of data retrieved, it is possible to identify users who are abusing access privileges.
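The detection side of that solution, as an added example that is not from the slides: a policy covering the four attributes the slide names (time of day, location, application client, volume) is run over constructed access-log records, and each user is reported with the clauses they violated. The policy values, the client name ClinicPortal, the trusted subnet prefix and the log records are all made up for the example.

```python
from dataclasses import dataclass

# One record per query observed by a database proxy or audit log, carrying the
# context attributes the policy is written against. Records below are constructed.
@dataclass(frozen=True)
class AccessEvent:
    user: str
    hour: int            # local hour of day, 0-23
    client_app: str      # application client that issued the query
    source_ip: str
    rows_returned: int

# Hypothetical policy for a clinical application; every value is chosen for this example.
@dataclass(frozen=True)
class AccessPolicy:
    allowed_clients: frozenset = frozenset({"ClinicPortal"})
    allowed_networks: tuple = ("10.20.",)   # prefixes of the clinic's own subnets
    work_hours: range = range(7, 20)        # 07:00 to 19:59
    max_rows_per_query: int = 25            # one patient per lookup, plus slack for joins

def check_event(event, policy):
    """Return the policy clauses this single event violates (empty list means compliant)."""
    violations = []
    if event.client_app not in policy.allowed_clients:
        violations.append("client")
    if not event.source_ip.startswith(policy.allowed_networks):
        violations.append("location")
    if event.hour not in policy.work_hours:
        violations.append("time_of_day")
    if event.rows_returned > policy.max_rows_per_query:
        violations.append("volume")
    return violations

def flag_abuse(events, policy):
    """Map each offending user to the distinct clauses they violated across all events."""
    report = {}
    for event in events:
        hits = check_event(event, policy)
        if hits:
            report.setdefault(event.user, set()).update(hits)
    return report

# Constructed log: a nurse doing normal lookups, a clerk pulling the whole table
# into a spreadsheet after hours, and a doctor connecting from outside the clinic.
SAMPLE_EVENTS = [
    AccessEvent("nurse_01", 10, "ClinicPortal", "10.20.4.17", 1),
    AccessEvent("nurse_01", 11, "ClinicPortal", "10.20.4.17", 1),
    AccessEvent("clerk_07", 22, "Excel", "10.20.9.3", 4000),
    AccessEvent("clerk_07", 23, "Excel", "10.20.9.3", 3800),
    AccessEvent("dr_lee", 9, "ClinicPortal", "198.51.100.8", 1),
]

if __name__ == "__main__":
    for user, clauses in sorted(flag_abuse(SAMPLE_EVENTS, AccessPolicy()).items()):
        print(f"{user}: {', '.join(sorted(clauses))}")
```

The clerk's queries are individually legitimate (the account is allowed to read patient records), which is why the volume and client clauses matter: the abuse is visible only in how the data is accessed, not in which table is touched.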
3. Platform vulnerabilities
• Vulnerabilities in underlying operating systems may lead to unauthorized data access and corruption.
• For example, the Blaster worm took advantage of a Windows 2000 vulnerability to take down target servers.
• Solution
  • IPS tools are a good way to identify and/or block attacks designed to exploit known database platform vulnerabilities.
4. SQL injection
• SQL injection attacks involve a user who takes advantage of vulnerabilities in front-end web applications and stored procedures to send unauthorized database queries, often with elevated privileges.
• Using SQL injection, attackers could even gain unrestricted access to an entire database.
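The flaw the slide describes and its fix side by side, as an added example that is not from the slides: a front-end lookup that splices user input into the SQL text returns every account for a tautology input, while the same lookup with a bound parameter treats that input as an ordinary (non-matching) username. The accounts table and its rows are constructed for the example.

```python
import sqlite3

# Constructed sample data (not from the slides): the accounts table a
# front-end application looks users up in.
def build_accounts_db():
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE accounts (username TEXT PRIMARY KEY, email TEXT NOT NULL, role TEXT NOT NULL)"
    )
    conn.executemany(
        "INSERT INTO accounts VALUES (?, ?, ?)",
        [
            ("alice", "alice@example.org", "user"),
            ("bob", "bob@example.org", "user"),
            ("dba", "dba@example.org", "admin"),
        ],
    )
    conn.commit()
    return conn

def lookup_vulnerable(conn, username):
    """The flawed pattern: the user-controlled value is spliced into the SQL text,
    so the database cannot tell the application's query apart from the input."""
    sql = f"SELECT username, role FROM accounts WHERE username = '{username}'"
    return conn.execute(sql).fetchall()

def lookup_parameterized(conn, username):
    """The fix: the statement is compiled first and the value bound afterwards,
    so whatever the input contains is compared as data and never parsed as SQL."""
    sql = "SELECT username, role FROM accounts WHERE username = ?"
    return conn.execute(sql, (username,)).fetchall()

# The textbook tautology input; it turns the vulnerable WHERE clause into
# "username = 'x' OR '1'='1'", which is true for every row.
PROBE = "x' OR '1'='1"

if __name__ == "__main__":
    db = build_accounts_db()
    print(lookup_vulnerable(db, "alice"))      # the lookup the developer intended
    print(lookup_vulnerable(db, PROBE))        # every account, including the admin row
    print(lookup_parameterized(db, PROBE))     # []: no account is literally named that
```

Parameterized statements close the injection path for the values they bind, but they do not reduce what the connecting account may do: the slide's "elevated privileges" point is addressed by running the application under a least-privilege database account, as in the excessive-privileges section.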
5. Denial of service
• Common DoS techniques include buffer overflows, data corruption, network flooding, and resource consumption.
6. Database protocol vulnerabilities
• Vulnerabilities in database protocols may allow unauthorized data access, corruption, or availability
• Protocol attacks can be defeated by parsing and SQL communications to make sure they are not
7. Stolen backup (unencrypted) tapes
• Some recent high-profile attacks have involved theft of database backup tapes and hard disks.