
Network World

Julie Bort

Third wave of SQL injection attacks

By Microsoft Subnet on Thu, 05/15/08 - 4:13pm.

Who's at fault for the ongoing, massive SQL injection attack now entering its third wave? Obviously the hackers trying to create their botnets. But beyond that, the makers of Web server software (like Microsoft) say that poor programming on the part of the user is what makes so many sites vulnerable. IBM is today reporting a third wave of sites compromised by SQL injection attacks. In April, F-Secure found evidence of another huge round of infected Web sites.

Researchers say at least a half million sites have been hit. In the first wave, many pundits in the blogosphere were quick to blame Microsoft IIS and/or SQL Server, but how fair is that? Bill Sisk from the Microsoft Security Team posted a blog in response. Sisk insists that no new vulnerabilities were found. He also says that better coding practices on the part of the developers can prevent this kind of attack -- and he offers examples of those practices.

Interestingly, too, Microsoft's Terry Zink's Anti-spam blog offers up some scary stats on botnets these days. From a mere 9-day sample of spam traced from Hotmail, researchers saw:

  • 294 botnets detected and about 460,000 individual bots (about 1600 bots per botnet). Half the botnets contained over 1000 machines. The other half did not, meaning smaller, more nimble botnets may be the vogue thing these days.
  • 80% of the botnets detected were actually using less than half of the bots under their control. (Not sure how researchers detected that one ...) Botnet owners are becoming more savvy about keeping drones under the radar and off blocklists. Large botnets don't necessarily send more spam -- they send less spam per drone, which may help keep individual drones undetected.
  • Most botnets live a long time. 60% of botnet-related spam comes from older, well-known botnets on well-known bot IP addresses.
  • Half the botnets in this sample used drones from over 30 countries.

 

About Microsoft Subnet Blog

The Microsoft Subnet blog is the official blog of the Network World's Microsoft Subnet community, managed by editor Julie Bort. Microsoft Subnet is the independent voice of Microsoft customers and is your gateway to daily Microsoft news, blogs, opinion, books, prize giveaways and more. Visit the Microsoft Subnet index page daily, and while you are there, subscribe to the Microsoft newsletter. The newsletter includes news generated by the Microsoft Subnet community as well as other Microsoft news stories published by Network World.
