In the last project I worked on, an SQL injection vulnerability was deployed in production. Our cybersecurity team discovered that, in a specific field of the body of a REST POST method, it was possible to insert, without any countermeasures applied, the dreadful SQL escape character `'` (the single quote).
What does that mean? Well, it means that any kind of query could be run exploiting that unsupervised passage—even a drop schema.
The first public discussions regarding SQL injection started around 1998. So, it is not a newly discovered vulnerability. Still, some of the developers working in our team were not aware of it. This is one of the reasons why staying updated about cybersecurity breakthroughs is a fundamental aspect of working in IT.
In this article, I’ll provide a list of best practices that you should follow if you want to stay updated and secure.
Hack an existing system
Yes, I’m really suggesting that. However, let’s add the word ‘ethical’ before ‘hacking’. Ethical hacking is the authorized process of hacking vulnerable systems with the aim of raising awareness about security gaps in a particular system. Ethical hacking is also called “white hat” hacking.
What can be better than putting yourself in the position of your enemy to see what measures are being used by others to keep hackers out? This is what ethical hacking helps you achieve. This process will bring you to a whole new level of knowledge. Learning about the latest tools and skills for exploiting systems is a positive consequence.
Practical experience with hacking into other devices teaches you more than theoretical learning. That’s why you’ll see that many of the highest-paid and most-skillful security experts have been hackers in the past. In this field, having knowledge without hands-on practice is of little use.
Fix existing security issues
Having active experience in fixing security leaks is obviously a step in the right direction. Even if the system you are working on is already pretty robust and secure, you can always try to enhance its security. After all, as Gene Spafford said: “The only system which is truly secure is one which is switched off and unplugged, locked in a titanium lined safe, buried in a concrete bunker, and is surrounded by nerve gas and very highly paid armed guards. Even then, I wouldn’t stake my life on it.”
You can use tools like SonarQube that perform static code analysis and start fixing the issues the tool reports. It’s easy and efficient because it does not involve actively searching for security flaws yourself.
In the example given in the introduction, if one of these tools had been used, the SQL injection would not have reached production, and the developer would have learned what an SQL injection is.
Follow OWASP’s guidelines
OWASP—the Open Web Application Security Project—is a non-profit foundation that works to improve software security. The OWASP Top 10 is one of the most popular and appreciated resources released by the OWASP Foundation.
This resource provides a list, updated every year, of the most frequent vulnerabilities found in projects. It also provides advice on how to remediate them.
Code analysis tools usually offer significant OWASP Top 10 coverage across many languages to help you protect your systems, your data, and your users.
Let’s take another example. Your resource reports the following problem: “An application is vulnerable to attack when user-supplied data is not validated, filtered, or sanitized by the application.”
Their recommended solution is to use a safe API, which avoids using the interpreter entirely or provides a parameterized interface, or to migrate to Object Relational Mapping tools (ORMs).
This was exactly the problem with our application in the first place. The ORM was skipped entirely, and raw database queries were used directly to optimize the application’s performance.
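The two styles of query described above, side by side, as an added example that is not code from the original article or from the project it describes. It runs against an in-memory SQLite table with constructed sample data and uses a legitimate name containing a single quote (`O'Brien`) to show that concatenation hands the quote to the SQL parser, while a parameterized query treats it as plain data.

```python
import sqlite3

# Added example (not from the original article): the same lookup written the
# unsafe way (string concatenation) and the safe way (parameterized query).

def make_db():
    # Constructed sample data; one name deliberately contains a single quote.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, role TEXT)")
    conn.executemany("INSERT INTO users (name, role) VALUES (?, ?)",
                     [("alice", "admin"), ("O'Brien", "user"), ("carol", "user")])
    return conn

def find_role_unsafe(conn, name):
    # Untrusted input is pasted straight into the SQL text: a single quote in
    # `name` closes the string literal and whatever follows is parsed as SQL.
    sql = "SELECT role FROM users WHERE name = '" + name + "'"
    row = conn.execute(sql).fetchone()
    return row[0] if row else None

def find_role_safe(conn, name):
    # Parameterized query: the driver sends `name` as a bound value, never as
    # SQL text, so quotes inside it are just characters of the value.
    row = conn.execute("SELECT role FROM users WHERE name = ?", (name,)).fetchone()
    return row[0] if row else None

def demo(name):
    """Return (safe_result, unsafe_result) for one input value."""
    conn = make_db()
    safe = find_role_safe(conn, name)
    try:
        unsafe = find_role_unsafe(conn, name)
    except sqlite3.Error as exc:
        # The concatenated query breaks as soon as the input contains a quote.
        unsafe = f"error: {exc}"
    return safe, unsafe

if __name__ == "__main__":
    print(demo("alice"))     # both paths agree on a harmless input
    print(demo("O'Brien"))   # only the parameterized path returns the row
```

A static analysis tool such as the ones mentioned above flags the `find_role_unsafe` pattern (user input concatenated into a query string) precisely because the quote character is interpreted by the database rather than stored.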
Be sure to check the OWASP Top 10 at least once a year.
Stay updated regarding recent cyber attacks
The best way to find out how a thief steals is to ask the person who has been robbed.
Following some guidelines is not enough to ward off danger. You need to know the technical details that made the system vulnerable.
In IT, no system administrator will tell you that they forgot to check for SQL injections or password complexity. However, the internet has resources aplenty that highlight and study the big cyber attacks.
Such websites should be checked frequently. We might be scandalized to find out the bad cybersecurity practices that some companies have implemented. But we may also realize that our system possesses the same vulnerability, and we need to adopt countermeasures.
The knowledge update on cybersecurity breakthroughs should be a spontaneous process. As soon as we learn of a system similar to ours being attacked, we should immediately check our own system. After all, don’t we improve our own security measures at home when we hear that the neighbor’s flat got robbed?
If you want to stay up to date regarding recent cybersecurity breakthroughs, it’s not enough to do a standard Google search. You need to have some experience in trying to fix or hack a computer system. This is the only way to truly understand the situation.
In addition, it is good to rely on well-known resources such as OWASP for the identification of the most frequently occurring cyber security vulnerabilities. Lastly, you need to stay updated about recent trends in how systems are being attacked.
As always, thank you very much for reading.