French enterprises have the highest utilization of databases with low security, with more than 8 of the 10 databases including one or more vulnerabilities.
The lower security database utilization in the Asia-Pacific region is higher in Australia and Singapore, with 65% of databases containing at least one vulnerability in Australia and 64% in Singapore.
Said Elad Erez, chief innovation officer of Imperva. Many companies advocate investment safety loudly, but most of them fail. Too many enterprises put too much faith in security products and old-fashioned processes, ignoring the security of the database. "
Special editing of books
Although he is transitioning to a cloud database, Mr Eres worries that most companies store the densest data in local databases.
"given that almost one out of every two local databases is vulnerable, the possibility of continued increase in data infringement is very high."
Database vulnerabilities give attackers an excellent opportunity. Another survey conducted by Imperva Research Labs in early 2021 showed that data infringement increased by 30% each year, and the number of records violated increased by an average of 224%.
Attackers may abuse Web application vulnerabilities by means such as SQL injection. About 50% of the violations in recent years have occurred at the application layer. It has always been the same that application vulnerabilities are threats. It is also possible to invade the company's internal network through phishing and malware and move it as a clue to a fragile database.
Attackers may use repositories such as "Exploit Database" to obtain malicious code and use tools such as "Shodan" to identify vulnerable targets.
Given that a staggering number of vulnerabilities exist in local databases, it is not surprising that accidents of information leaks have increased by an average of more than 15% in 12 months.
An analysis of data infringement after 2017 found that 74% of the stolen data were personal information, and login qualification information (15%) and credit card information (10%) were profit targets.
"attackers use tools that move the network horizontally based on a database."
"the explosive surge in data infringement is evidence that there is not enough investment in time sources to really ensure data security. We need to establish a security strategy that puts data protection in all centers. "(Eres)
