By Byron Acohido, USA TODAY
Website-infecting SQL injection attacks hit 450,000 a day
Cybercriminals are spreading invisible infections far and wide across the Internet by hammering hundreds of thousands of websites each day with so-called SQL injection attacks.
The trend started last summer and has continued to accelerate. IBM Internet Security Systems says it identified 50% more infected Web pages in the last three months of 2008 than it did in all of 2007.
Click on one and you won't notice anything. Your PC gets turned into an obedient "bot," short for robot, deployed to attack other computers. All of your sensitive data get stolen.
SQL attacks take aim at the database layer of websites. They typically were manual attacks designed to pilfer customer data from merchant websites. But last June someone figured out how to automate the attacks, and use them to plant infections.
"It was a brilliant tactical move. You sit back and wait for someone to visit the site, and soon you infect thousands of PCs," says Ryan Barnett, Breach Security's director of research.
An infected PC thereafter gets put to work delivering spam and spreading more infections. And any sensitive data, such as log-ons and account numbers, get stolen.
For the first five months of 2008 IBM ISS helped large corporations block about 5,000 SQL attacks a day. By mid-June, daily attacks spiked to 25,000; by October they topped 450,000 a day. Holly Stewart, IBM ISS threat response manager, says the infections take advantage of security flaws in cool website features, such as online-delivered video, music, photos, documents and work files.
"Web applications are one of the most outward facing components a corporation could have, and one of the least protected," she says. "And SQL injection is the fastest-growing category of attacks affecting Web applications."
Giant financial institutions and online merchants have put up strong defenses, says Phil Neray, vice president of security strategy at Guardium, a database security firm. "The same is not necessarily true of regional banks and credit unions, smaller online retailers and state government agencies."
Security experts say consumers must keep updates for anything to do with their browser current, though most now do not do this. This includes updates for Internet Explorer, Firefox, Safari, Opera, Chrome, Adobe Flash, Adobe Reader, iTunes, QuickTime, Windows Media Player and RealPlayer. Such updates increasingly include important security patches that can block infections from taking hold.
Learn more on why .aspx .php urls struggle to rank in google
Learn more about Search Engine Optimization, the most effective form of online advertising.
Search Engine Marketing is the fastest growing advertising medium in the world, projected to become 10x more powerful and influential than traditional media outlets such as: network television, cable television, local television, network radio, local radio, satellite radio, national newspapers, local newspapers, magazines, billboards, direct mail, telemarketing and more.
Discover the most powerful and effective form of advertising, Search Engine Optimization.
An aside for consideration are the segments of Search Engine Optimization. Clarification is required in terms of paid search marketing, sponsored search advertising, pay per click, email marketing (spam), and the foundation of strategic internet marketing: Organic Search Engine Optimization - Organic SEO in some circles also referred to as Natural Search Engine Optimization - Natural SEO.
Key Organic Search Engine Optimization Facts:
- Keyword search is the 2nd most popular online activity, rapidly approaching the popularity of email retrieval.
- 90% of all new website visitors are delivered by a major search engine and/or directory.
- 98% of all keyword search activity results are powered by the big 4 search engines: Google, Yahoo, MSN and AOL.
- Keyword search results on Google, Yahoo, MSN and AOL are all determined by a search engine spider and/or robot crawler.
- Recent internet marketing studies confirm that keyword searchers prefer the organic results at a 6 to 1 ratio vs. pay-per-click sponsored search advertising listings.
Is your corporate website being found early and often on the keywords and keyword phrases that best describe your products, services and industry?
Harness the power that our proven organic search engine optimization technologies can provide...
Contact the Peak Positions Organic SEO consulting specialists today.
Learn more about our client roster, one of the strongest in the SEO industry, and more importantly discover why our client-focused Organic Search Engine Optimization company maintains the highest client retention rate in the SEO industry.
"Our year over year order anniversary flowers revenues are climbing rapidly in a timid economy. If you are looking for an excellent SEO Company, we suggest Peak Positions" ...
SEO Case Study