- 75% of breaches resulted from external threats, while just 20 per cent were caused by insiders.
- 81 % of affected organizations subject to the Payment Card Industry Data Security Standard were found to be non-compliant prior to being breached.
- 53% of stolen data records came from organizations using shared or default credentials
- 83 % of hacks were considered avoidable through simple or intermediate controls
Reproduced from an article published by SC Magazine
Society & Technology
With the increasing significance and importance of information technology in our everyday life, environment is growing with its meaning. Such growth offers a lot of potential and the opportunity of a possible linking of our society in combination with rising prosperity. But each one should also be aware of the dark side of this development. The increasing use of this technology also includes new risks. One such risk is the subject of IT security.
Against this background we are concerned with the design of an artificial intelligence which independently analyzes vulnerabilities on the basis of non-human behaviors and uses these informations to perform further actions. Through the regulation of the so-called hacker paragraphs (202c StGB) the desired development is linked to legal obstacles, as this paragraph regulates the research on safety-critical aspects of the infrastructure telecommunication as a act of crime.
Artificial Intelligence against increasing vulnerabilities
Many processes of a hacking attack are based on routine and depending on individual settings and configurations of the target system. These attacks can be adjust in a protected frame with an artificial intelligence to be as efficient as possible to resolve many security vulnerabilities. The work routine is imitated by the developed system and responds to individual outputs in order to recreate a realistic attack.
Let me make that clear with a simple example. SQL injection is a technique often used to attack data driven applications. This is done by including portions of SQL statements in an entry field in an attempt to get the website to pass a newly formed rogue SQL command to the database (e.g. dump the database contents to the attacker). The vulnerability happens when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and unexpectedly executed.
This point addresses the artificial intelligence. It mimics the procedure described for a SQL injection attack and verifies the output for specific keywords. Based on these keywords, it will follow continuing routines. There is a success module as a learning instance which uses an algorithm to calculate the most effective and most widespread techniques of attack. Additionally this kind of information can be used to improve the efficiency of the developed system or generate reports for the customer.
This scenario of SQL injection can be applied to various other methods of attack spread. Some other conceivable methods of attack would be: Cross-Site-Scripting, Cross-Site Request Forgery and XSS Filter Evasion Cheat Sheet. This principle of the system-dependent behavior can be aligned to other potential vulnerabilities of target systems. By establishing behavioral response we are able to prevent not only any kind of DDoS, but we are also able to detect forms of IP spoofing. Conversely one is able to identify and analyze the situation of safety techniques and deal with them furthermore.
Optionally, the artificial intelligence system interacts with the aim to close the identified weaknesses by appropriate settings and filters. This software is developed under government regulation and in consultation with the Federal Office for Information Security and the Federal Office of Criminal Investigation. Transfers may be made only to verified partner.
Figures from the latest Web Hacking Incidents Database Annual Report
- 30% of the 57 attacks were carried out by SQL injection (actually the most common style of attack, which involves inputting commands into web-based forms or URLs in order to return data held in back-end databases or plant malware in order to infect computers visiting the site)
- The second common attack was cross-site scripting (a cross-site scripting flaw can allow data or malicious code to be drawn from another a Web site, which can potentially cause a data breach)
- Government, law enforcement and political websites were the most targeted categories of hacked websites.
- The second most popular motivation was stealing sensitive information, which occurred in 19 % of the hacked websites
- 16% - planting malware
- 13 % - causing monetary loss
- The remaining attacks caused downtime for a website, planted worms and linked spam and information warfare.
Vulnerability Risk Management
The following diagram depicts the vulnerabilities found in 150 companies.