Common IT Threats and Database Security
Common IT threats and database security
It this article you’ll learn about the most common threats you may be exposed to while surfing the Internet and how it can affect.
A computer (it may be even yours) is infected with software which makes this computer “a zombie” obeying orders from a remote master. Now imagine millions of such computers.
- Distributed denial-of-service (so called “DDoS attack”)
This is used when a criminal wants to sabotage a specific website or server. This can be easily done by ordering an army of botnet “zombies” to reach a website or server and do that over and over again. As a result, other users have difficulty reaching the website (server) or simply can’t do that. Another result is that website(server) shuts down completely. Such attacks are called “distributed” because many computers are used.
This is a general term used to describe the process of someone else taking unauthorized control of your computer. Even non-technical people can hack your computer as there is a lot of information on the Internet how to do that.
- Phishing (spoofing)
A very effective way to steal personal and financial information by getting hold of your username and password. This is usually done by sending you a message or a link and prompting you to follow it.
Is a special type of malware that was specially created to block access to your computer and information. It displays a message demanding money if you want the restriction removed. The most probable ways ramsomware gets into your computer are phishing emails with malicious attachments and website pop-up advertisements.
It’s a type of malicious software that collects your personal information without you even knowing it. Spyware, as the name suggest, is constantly spying on you and your business. Spyware is very difficult to remove and is a gateway for viruses to your computer.
A type of malicious software that often disguises itself as legitimate software. Trojans are often used by hackers and cyber-thieves to get access to computer systems. Having got onto your computer Trojans can delete, block, modify copy data, etc. Trojans can often serve to download more malware.
The computer virus is malicious software that is capable of self-replication and copying itself all over your computer. The purpose why hackers create viruses is to get access to systems and admin control and steal sensitive data. The ideal way to spread viruses is via emails, users just needs to open the email attachments and infecting happens automatically.
- Wi-Fi Eavesdropping (“man-in-the-middle” or “evil twin”)
This is another method of getting access to your personal data. This criminal scheme works as follows: a bogus Wi-Fi hotspot is set-up imitating a legitimate Wi-Fi hotspot (that’s why “evil twin”). The user connects to that fake hotspot and after that all sent information and data is visible to cyber criminal(s). This data includes: emails, passwords, documents, login details, etc.
The security threats listed above can lead to the following database threats below:
- Unauthorized access
When a database user is hacked, the cyber criminal can get access to proprietary sensitive data. And be sure that after that your sensitive information is not only yours.
- Database injection attacks
When we speak about injections in regard to databases of course we mean SQL injections. Unfortunately, this fundamental class of attacks is also effective against NoSQL “big data” platforms. Once a cyber criminal gets access to a database your sensitive business and personal data is no longer safe.
- Exploitation of database vulnerabilities
Each database has vulnerabilities. Companies and organizations are doing their best to patch their databases. Unfortunately, that is sometimes not enough and attackers can find their way into database(s) with business and personal information which is often considered to be a business-critical asset.
- Unmanaged sensitive data
Many companies are doing their best to keep their company databases up-to-date. And that means adding new data on regular basis. And often this data stays unattended and unmanaged for a long time falling prey to cyber criminals. A mechanism to recover this data should be in place to guarantee consistency and safety of all sensitive data.
- The human factor
According to some reports the human factor is responsible for up to 30% of all data breaches and loss. Human negligence and lack of expertise can be the root cause of data loss and exposure. Cyber criminals are using social engineering techniques and the methods above to get access to employee’s accounts and later to databases.
DataSunrise is the company that can take care of the safety of your databases. We’re fully aware of Internet security threats and database threats associated with that. With DataSunrise Database Security Suite your sensitive data is safe both on-prem and in the cloud.