ISU’s Cyber Security Geeks
This Saturday, 7 team members and I will be competing for ISU at the annual Illinois/Indiana Collegiate Cyber Defense Competition held at Moraine Valley Community College in Palos Hills, IL. I have been on the team for 4 years now and it has provided me with some great experience in working with cyber security. As you may know, there is a huge threat in today’s world called cyber warfare, and the government is constantly looking for people with the skills to defend against these threats. In case you didn’t already know, cyber warfare is defined as “actions by a nation-state to penetrate another nation’s computers or networks for the purposes of causing damage or disruption.” Our nation recognizes this as a growing issue and they are doing all they can to protect against it. In fact, the Obama administration just proposed a spending increase of 35% (or $548 million) by next year in cybersecurity research. The government hopes that increasing research on cybersecurity will reduce the risk of insider threats and ensure the safety of control systems such as those used at power plants.
My role on the Cyber Defense team for the past couple of years has been to protect against security threats on the web servers. For those of you who don’t know what I’m talking about, a web server is basically a place where a website and all of its files are hosted. When you access any site on the internet, you are accessing that website directly from a web server. The web server holds all of the files (code and anything else) needed to make that website appear and work the way it does. The web server is responsible for protecting against most of the security attacks that could possibly affect your website. I will explain a few different kinds of attacks that you probably didn’t already know were possible and explain how these attacks can be mitigated.
SQL Injection Attacks
When you visit a website like amazon to buy an item, you have to enter in a lot of personal and payment information to complete an order. All of this information is stored in a database somewhere behind the scenes. SQL (Structured Query Lanaguage) is a language that tells the database to get a certain set of information and display it. So the application talks to the database with SQL in order to pull that information out again when you want to order something else in the future. This way, you don’t have to re-enter all of your data again when you want to buy something else. The dangerous side of all of this is that, if a website is unsecure, a hacker can potentially insert SQL into the input fields on a website, and manipulate data in the database in a malicious way. For instance, say that I was a hacker, and I inserted the following SQL into the input field that asks for your first name on a website:
DROP TABLE `users`;
This text would delete the entire users table from the database. So next time you went to the site, your data would no longer be there, and that company would be in big trouble because the user data would not exist any longer. In order to protect against something like this, the web server would need some security filters put in place to look for specific words such as “drop” being entered so it could block those bad requests.
Denial of Service (DoS) Attack
This method of attack involves saturating a target machine (such as a web server) with external communications requests, so that it cannot respond to traffic at all, or is rendered effectively unavailable because of slowness. If you have ever been to Twitter when it is over capacity, you may have seen a picture of a bunch of birds trying to lift a huge whale. This happens because there are too many people on twitter at the same time; a Denial of Service attack is similar because it can render you unable to use a website because someone else is sending it too many requests at a given time. There are ways to limit the number of requests coming from a specific source on the web server, so that these types of DoS attacks can be avoided.
Cross-Site Scripting (XSS) Attack
Any time a visitor comes to that page from now on, this would cause an alert message to pop up on that page saying “pwnd.” This is not the only thing XSS injections can do, but it is the simplest example of an attack. Similar filters on the web server that would be used to block SQL injection attacks, can be used to block XSS attacks as well.
All of this information, though technical and boring, is here to remind you that nothing on the internet is 100% safe. So, you should keep in mind that every time you provide your personal data on the internet, there is a chance that someone could get that data through malicious means. I hope that this blog has taught you something valuable about cyber security. Now don’t forget to go take the Blackboard quiz!
Thanks for reading the article and have a great weekend! ~ Megan
Entry filed under: Uncategorized.