Contact
QR code for the current URL

Press release Box-ID: 284959

Imperva Inc. 3400 Bridge Parkway, Suite 101 94065 Redwood Shores, CA, United States http://www.imperva.com
Contact Mr Neil Stinchcombe +44 20 7183 2833
Company logo of Imperva Inc.
Imperva Inc.

Imperva says new SQL injection attacks from China are 'unique'

(PresseBox) ( Redwood Shores, CA, )
Imperva, the data security specialist, has said the mass SQL injection attack infecting hundreds of thousands of web sites show some unique characteristics, as all the attacks stem from China.

"We have been tracking this specific attack for the past 4 weeks and all the IP addresses that the automated attacks have come from are based in China. This is something unique, as usually attacks of this nature come from infected BOT PCs based all over the world rather than in one country. The SQL injection attack vector us in the attack is by itself quite standard and has been in common usage for the past 18 months. Any descent Web Application Firewall should be able to detect it" said Amichai Shulman, Imperva's chief technology officer.

The Imperva CTO continued: "We are seeing a constant flow of attacks aimed at drive-by-download. Just in the past two month we have seen 3 different strands of such attack campaigns. In this latest wave we have recorded the attack coming from more than 60 servers based in China attacking sites around the world, rather than the global network typically seen in such attacks. Interestingly enough, 4 weeks into this attack campaign the malware distribution servers are still up and running.

The attack targets innocent visitors of the sites that have been hit, as it injects malicious IFRAME into these sites. Thus visitors are unknowingly downloading malware from China based servers while visiting such an infected site. Once infected by this malware, a user's computer becomes a Zombie in a BOTNET that will later be used to distribute spam, participate in coordinated DDoS attacks or simply by used for extracting personal access credentials to other sites.

The Imperva CTO said that this type of SQL injection is one of the top five most popular attacks used by malicious hackers today and Enterprises should take appropriate external (web application firewall) and internal (code changes) to prevent their web servers becoming a source for distributing malware for cyber criminals.

Advice for enterprises:

- use application firewalls to protect themselves from infection
- use scanners and other tools to find and remove vulnerabilities in their website code
- ensure all application patches are implemented

Advice for individuals:

- ensure all browser updates are implemented immediately
- use the best technology to protect web browsing based on behavioural real-time technology
- implement all security signatures as soon as they are available

For further insight into the attacks, go to Amichai Shulman’s blog at:
http://blog.imperva.com/2009/08/the-chinese-syndrom.html

For more on Imperva: http://www.imperva.com

Imperva Inc.

Imperva, the Data Security leader, enables a complete security lifecycle for business databases and the applications that use them. Over 4,500 of the world's leading enterprises, government organizations, and managed service providers rely on Imperva to prevent sensitive data theft, protect against data breaches, secure applications, and ensure data confidentiality. The award-winning Imperva SecureSphere is the only solution that delivers full activity monitoring from the database to the accountable application user and is recognized for its overall ease of management and deployment. For more information, visit www.imperva.com.

The publisher indicated in each case is solely responsible for the press releases above, the event or job offer displayed, and the image and sound material used (see company info when clicking on image/message title or company info right column). As a rule, the publisher is also the author of the press releases and the attached image, sound and information material. The use of information published here is generally free of charge for personal information and editorial processing. Please clarify any copyright issues with the stated publisher before further use. In case of publication, please send a specimen copy to service@pressebox.de.
Important note:

Systematic data storage as well as the use of even parts of this database are only permitted with the written consent of unn | UNITED NEWS NETWORK GmbH.

unn | UNITED NEWS NETWORK GmbH 2002–2022, All rights reserved

The publisher indicated in each case is solely responsible for the press releases above, the event or job offer displayed, and the image and sound material used (see company info when clicking on image/message title or company info right column). As a rule, the publisher is also the author of the press releases and the attached image, sound and information material. The use of information published here is generally free of charge for personal information and editorial processing. Please clarify any copyright issues with the stated publisher before further use. In case of publication, please send a specimen copy to service@pressebox.de.