How security flaws work: SQL injection

A demonstration of SQL injection in action. (video link)

Thirty-one-year-old Laurie Love is currently staring down the possibility of 99 years in prison. After being extradited to the US recently, he stands accused of attacking systems belonging to the US government. It was allegedly part of the #OpLastResort hack in 2013, which targeted the US Army, the US Federal Reserve, the FBI, NASA, and the Missile Defense Agency in retaliation over the tragic suicide of Aaron Swartz as the hacktivist infamously awaited trial.

Love is accused of participating in the #OpLastResort initiative through SQL injection attacks, an increasingly commonly seen tactic. SQL injections have recently been detected against state electoral boards, and these attacks are regularly implicated in thefts of financial info. Today, they’ve become a significant and recurring problem.

Read 62 remaining paragraphs | Comments