Slavik Markovich CTO, Database Security, McAfee Slavik Markovich is CTO of Database Security at McAfee and was ...
We’ve seen it before, and we’ll see it again: Yahoo, Utah Department of Technology Service, LinkedIn, eHarmony – the list goes on. The number of database breaches through Q3 2012 has already surpassed the entirety of 2011, with more sure to come. In the latest McAfee Labs Threats Report, we saw a few new trends in data breaches that may provide critical insight for protecting the valuable and sensitive information stored within corporate databases.
Looking at notable database vulnerabilities unique to Q3, two Oracle zero-day flaws were announced. While we can’t yet point to a growth trend in this area, two significant zero-day vulnerabilities disclosed in such a brief timeframe is highly unusual, making it clear that databases are now serious targets for cyber attack.
A second notable development this quarter was the high number of newly discovered MySQL vulnerabilities, reflecting the growing popularity of this open-source platform. Despite the fact that MySQL has a code base that is constantly improved by the developer community, it will never be completely immune to attack.
While new and advanced threats tend to garner the most attention, simple hacks that exploit easy-to-fix vulnerabilities were a mainstay in our Q3 Report. Given this, it’s not surprising that most 2012 breaches were avoidable (at least in hindsight), as targets are most often selected based on the pre-existence of exploitable weaknesses. Nevertheless, roughly half of organizations still depend on a security strategy that is deficient for these environments – leaving the database open to both APTs and simple hacks.
Ultimately, dedicated database security is the best way to protect business-critical databases, and it requires full integration of dedicated solutions as part of a multi-layer strategy. Dedicated solutions are the only means of effectively protecting against the threat of privileged insiders, and they also ensure immediately security updates when new vulnerabilities are discovered for a particular DBMS. Perimeter security (Firewall, NIPS, etc.) can block breach attempts from the outside, but these measures aren’t designed to prevent malicious insider activity targeting the database.
The challenge, then, is to select the right tools for the job, building a database program that easily integrates into your overall information security strategy to…
Protecting the valuable and confidential information stored within databases is vital for maintaining the integrity and reputation of organizations everywhere – not to mention ensuring regulatory compliance. For more on how to establish a critical line of defense through dedicated database security, visit our website, and download the full Q3 Threats Report here.