A: LIKELIHOOD:
There are several factors that help determine the likelihood.
A1. Threat Agent Factors
The first set of factors relates to the threat agent involved. The goal here is to estimate the likelihood of a successful attack by this group of threat agents. Use the worst-case threat agent.
A1.1: Skill level required to exploit a vulnerability:
Many tools exist to automate the exploitation of SQL injection vulnerabilities and their functions range from mining database access to gaining command execution via specific database packages. An attacker with basic
(7.0 - High)
A1.4: Size: XSS and SQL Injection attacks can be carried out by an individual or by a team of attackers. Nothing stops a lone attacker from exploiting XSS and SQL Injection vulnerabilities. (9.0 - High)
A.2: VULNERABILITY FACTORS
A.2.1: Ease of discoverability: Both vulnerabilities are extremely easy for threat agents to discover, since automated tools are freely available on the internet. (8.5 - High)
A.2.2: Ease of exploit: Again, automated tools are available to exploit these vulnerabilities, so this is extremely easy to pull off. (9.0 - High)
A.2.3: Awareness: SQLi was first publicly disclosed around 17 years ago and is still at the top of the OWASP list. It is a very well-known vulnerability. The same goes for XSS; it is very well known among hackers. (9.0 - High)
A.2.4: Intrusion detection: Yes, there are tools available to detect XSS and SQL Injection, such as Snort and other black-box tools. (3.0 - Low)
Average score of all factors = Likelihood = 7.5 (High)
B: IMPACT:
Before estimating the overall impact of an attack, it is important to note that there are two kinds of impact: technical impact on the system/application and business impact on the business/company.
B.1: Technical Impact Factors
B.1.1: Loss of confidentiality: By exploiting points of SQL Injection in the application an attacker can gain access to all Critical Data Assets connected to the Company Portal application and backend database
= 10%, Medium = 50%, and High = 100%. Impact: Low = 10, Medium = 50, and High = 100
The likelihood of an attack or breach dealing with the current infrastructure of the company’s
Vulnerability 1: Injection – used to attack applications by inserting malicious SQL statements into an entry field for execution.
SQL Injection – an input-validation attack specific to database applications, in which SQL code is inserted into application queries to manipulate the database.
Critical “1” risk, threats, and vulnerability User Domain Risks Threats, and Vulnerabilities Risk Impact/Factor None Critical
In the end, these points are not many, and it depends on the programmer's experience and on innovations in protection
The periodic assessment of risk to agency operations or assets resulting from the operation of an information system is an important activity. It summarizes the risks associated with the vulnerabilities identified during the vulnerability scan. Impact refers to the magnitude of potential harm that may be caused by successful exploitation. It is determined by the value of the resource at risk, in terms of its inherent (replacement) value, its importance (criticality) to business missions, and the sensitivity of the data contained within the system. The results of the system security categorization for each system are used as an aid in determining individual impact estimates for each finding. The level of impact is rated
Abstract - SQL injection is a technique where malicious users inject SQL commands into an SQL statement through user input. It is among the most common application-layer attack techniques in use. SQL Injection is among the topmost attack mechanisms used by malicious users to steal data from organizations. It is a type of attack that takes advantage of improper coding to inject SQL commands through form input, allowing the attacker to gain access to the data.
What is the risk impact or risk factor (critical, major, minor) that you would qualitatively assign to the risks, threats, and vulnerabilities you identified for the LAN-to-WAN Domain for the healthcare and HIPAA compliance scenario?
The “Branch Locator” page is vulnerable to SQL injection attacks. This is a serious vulnerability which involves inserting malicious SQL statements into an input field for execution. By appending SQL statements to the URL of the Branch Locator page, information about the structure of the underlying database was collected. This information was then used to generate further malicious statements. The list of database objects, tables and columns was returned. The
You did an excellent job creating your threat model process for the week one assignment. It appears that you have an excellent start and basis for the creation of your final threat model process. After reviewing both your threat model process flow diagram and your threat model process document describing each step of your threat modeling process, I have a couple of suggestions which I hope can help you in the creation of your final threat model process. My first recommendation is in regard to the flow of your threat model process. It appears that, though you have many excellent steps, it’s hard to tell where to start and stop the threat modeling process, the next steps in the process, and if the process repeats. My recommendation is to
Two of the commonly known attacks on computing systems are the deployment of computer viruses and malware.
However, another important security aspect of cloud computing that needs to be improved is protection against SQL injection attacks (SQLIA). According to the cloud hosting company Firehost, SQLIA increased from 18% to 20% from the first quarter to the second quarter of 2013. Attackers try to insert malicious code to gain unauthorized access to database systems, which eventually lets them steal the contents of the databases. The cloud network should implement and improve on parameterized SQL queries, input validation, and stored procedures, which will protect the database from exploitation. SQL queries are required to retrieve, alter, or insert any data in the database system. SQL queries should separate the logic from the data, which
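As an added illustration of the parameterized-query and input-validation recommendations above (example code written for this page, not taken from the original text or from any vendor named in it), the following Python script builds a small constructed SQLite table for a hypothetical branch-locator lookup and contrasts a query assembled by string concatenation with one that passes the value as a bound parameter, plus an allow-list check on the input.

```python
import sqlite3

# Constructed in-memory demo database; the table and rows are made up for this example.
def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE branches (id INTEGER PRIMARY KEY, city TEXT, phone TEXT)")
    conn.executemany(
        "INSERT INTO branches (city, phone) VALUES (?, ?)",
        [("Austin", "555-0100"), ("Boston", "555-0101"), ("Chicago", "555-0102")],
    )
    return conn

def find_branch_vulnerable(conn: sqlite3.Connection, city: str) -> list:
    # User input is concatenated straight into the statement, so data becomes code:
    # a quote in the input terminates the literal and the rest is parsed as SQL.
    sql = "SELECT city, phone FROM branches WHERE city = '" + city + "'"
    return conn.execute(sql).fetchall()

def find_branch_parameterized(conn: sqlite3.Connection, city: str) -> list:
    # The value travels separately from the query text (logic and data are separated),
    # so quotes in the input stay literal and cannot change the statement's structure.
    return conn.execute(
        "SELECT city, phone FROM branches WHERE city = ?", (city,)
    ).fetchall()

def is_valid_city(city: str) -> bool:
    # Allow-list validation as a second layer: for this hypothetical field a city
    # name is 1..64 characters of letters and spaces only.
    return 0 < len(city) <= 64 and all(ch.isalpha() or ch.isspace() for ch in city)

if __name__ == "__main__":
    conn = make_db()
    normal = "Boston"
    crafted = "x' OR '1'='1"  # constructed input containing a quote that escapes the literal
    print(find_branch_vulnerable(conn, normal))      # one row, as intended
    print(find_branch_vulnerable(conn, crafted))     # every row: the WHERE clause was rewritten
    print(find_branch_parameterized(conn, crafted))  # no rows: treated as a literal city name
    print(is_valid_city(normal), is_valid_city(crafted))  # True False
```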
The greatest area of vulnerability and potential for damage or data loss of web applications and
But this is only an example for understanding; real SQL injection operates at a far higher level than this example, because injecting harmful code into any chosen database, running the database server for one's own ends, destroying the database, or extracting private information is purely hacking.