Elevated Privileges Can Cripple Your Business

by Sep 6, 2019


A week rarely goes by without reports of a business or organization being afflicted by a data breach. It has almost become commonplace to read about millions of sensitive electronic records that have been compromised due to a hacker attack or a flaw in a company’s security procedures. Every breach has ramifications for the business affected by the data loss as well as for the customers or entities that have had their information stolen.

Data breaches can occur in various ways and be conducted by a variety of actors. Some interesting facts can be gleaned from Verizon’s 2019 Data Breach Investigations Report. One surprising statistic is that 43% of data breaches impacted small businesses. This should give pause to managers who believe their company is too small to be targeted. Any organization that retains sensitive or valuable information needs to take the proper precautions to protect it.

Further study of the report reveals details concerning who is responsible for data breaches and the techniques used to accomplish the theft. Internal actors were involved in 34% of the data breaches investigated. An additional statistic that should concern all IT managers is that privilege misuse was associated with 15% of the incidents. Elevated levels of access can be employed by internal or external entities.

How Data Breaches Are Caused by Privilege Abuse

The management of privileged accounts needs to be a major focus of IT departments in any size organization. Failure to address unauthorized access to your company’s data is simply asking for trouble. Let’s look at some of the ways that elevated privileges can be used to compromise a company’s sensitive information.

  • Former employees or temporary workers may be tempted to steal sensitive information as they leave the organization. Diligent monitoring of employee behavior can help minimize this threat to some degree.

  • Third-party contractors often need to be given elevated permissions to perform their work. This introduces an entity that is not entirely under the control of the organization for which they are operating and can make it more difficult to fully monitor their activities. Granting temporary privileges that expire upon completion of a given task is one method of controlling this problem.

  • Elevated privileges can be granted inadvertently by an error in the authorization process. It may be an innocent mistake made by a DBA creating a new user account. Immediately investigating any suspicious system activity may uncover users with access that should be revoked before an issue can occur.

  • Users may end up with elevated permissions due to faulty internal processes when changing roles within an enterprise. Strict corporate policies regarding revoking unnecessary privileges can mitigate the risk of this issue.

Monitoring user behavior and conducting regular reviews of assigned privileges can help protect your organization from these cases. There is no way to totally eradicate the risk of elevated privileges being used to compromise sensitive or business-critical data.

Credentials can also be stolen and misused by unscrupulous individuals with no connection to the organization. This highlights the need for everyone to protect their account and password details. Best practices stress the importance of not sharing credentials under any circumstances to avoid any potential misuse. Hackers commonly employ phishing scams in attempts to harvest account details they can use to gain unauthorized access to systems and potentially steal sensitive information.

Data Breaches Targeting MySQL Databases

MySQL is one of the most popular databases in the world and many businesses use it to run applications that contain sensitive data. This makes MySQL databases a tempting target for intruders, who have found several methods with which to conduct their attacks. Two in particular are:

  • Exploiting a privilege escalation vulnerability in MySQL and related databases. In this scenario, a local user can escalate their privileges and execute code as the database system user. Patches have addressed this vulnerability, but you can be sure that hackers are tirelessly searching for new ways to gain elevated privileges to your MySQL databases.

SQLyog can be a very useful tool for DBAs working with MySQL databases. It offers a comprehensive platform from which to manage your MySQL instances and streamline the daily activities of the database team. It includes features that facilitate user management to assist in minimizing the chances of elevated privileges being incorrectly assigned. This includes addressing the possibility of defining redundant privileges in MySQL which can lead to unintentional levels of access for certain users.
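The regular privilege review and the redundant-privilege problem described above can be checked directly against MySQL's own metadata. The following is an added example, not part of the original article and not a SQLyog feature; it assumes MySQL 5.7 or later, and the account name `contractor_tmp` and its host pattern are hypothetical.

```sql
-- Added example: privilege review for MySQL 5.7+/8.0. Run as an account that
-- can read the mysql system schema, otherwise only your own grants are listed.

-- 1. Accounts holding high-impact global privileges or able to grant to others.
SELECT GRANTEE, PRIVILEGE_TYPE, IS_GRANTABLE
FROM information_schema.USER_PRIVILEGES
WHERE PRIVILEGE_TYPE IN ('SUPER', 'FILE', 'PROCESS', 'SHUTDOWN',
                         'RELOAD', 'CREATE USER')
   OR IS_GRANTABLE = 'YES'
ORDER BY GRANTEE, PRIVILEGE_TYPE;

-- 2. Redundant schema-level grants: the same privilege is already held
--    globally (ON *.*). Revoking only one of the two leaves access in place.
SELECT s.GRANTEE, s.TABLE_SCHEMA, s.PRIVILEGE_TYPE
FROM information_schema.SCHEMA_PRIVILEGES AS s
JOIN information_schema.USER_PRIVILEGES AS u
  ON u.GRANTEE = s.GRANTEE
 AND u.PRIVILEGE_TYPE = s.PRIVILEGE_TYPE
ORDER BY s.GRANTEE, s.TABLE_SCHEMA;

-- 3. Redundant table-level grants: already covered by a grant on the schema.
--    Exact-name match only; schema grants that use wildcards are not matched.
SELECT t.GRANTEE, t.TABLE_SCHEMA, t.TABLE_NAME, t.PRIVILEGE_TYPE
FROM information_schema.TABLE_PRIVILEGES AS t
JOIN information_schema.SCHEMA_PRIVILEGES AS s
  ON s.GRANTEE = t.GRANTEE
 AND s.TABLE_SCHEMA = t.TABLE_SCHEMA
 AND s.PRIVILEGE_TYPE = t.PRIVILEGE_TYPE
ORDER BY t.GRANTEE, t.TABLE_SCHEMA, t.TABLE_NAME;

-- 4. Unlocked accounts, oldest password first, to spot leftover accounts of
--    departed staff or contractors.
SELECT user, host, account_locked, password_last_changed
FROM mysql.user
WHERE account_locked = 'N'
ORDER BY password_last_changed;

-- 5. Remediation for a hypothetical contractor account (name is an assumption):
--    review its grants, remove them, and lock the account when the work ends.
SHOW GRANTS FOR 'contractor_tmp'@'10.0.0.%';
REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'contractor_tmp'@'10.0.0.%';
ALTER USER 'contractor_tmp'@'10.0.0.%' ACCOUNT LOCK;
```

Queries 2 and 3 matter because MySQL evaluates each grant level independently: a user who keeps a schema-level or table-level grant retains that access after the matching global privilege is revoked.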

DBAs need to use all the tools at their disposal to maintain the security of their databases and the information they contain. SQLyog should be one of the tools they have available if they are responsible for MySQL databases. It can help control the level of privileges assigned to users and keep your data safe.