Google can steal your data?
How hackers steal data is getting more sophisticated, they now involving more search engines technology such as Google. It only takes a few seconds to snatch Social Security numbers from Web sites by using the search method.
The fact that Social Security numbers on the Web is human error, because such information should not be published there. However, the hackers have been using Google in a sophisticated way to automate attacks against Web sites, said Shulman (founder and CTO Imperva – database and Application Security Company).
In the presentation at the RSA Conference, Shulman said that the new Imperva find ways to execute to SQL injection attacks coming from Google. In an SQL injection attack, the malicious instructions are included in Web-based form and answered by the Web application. This often resulted sensitive information from the back-end database or used to insert malicious codes in the web page.
Google’s manipulation is particularly liked by the hackers because of the anonym nature - for hackers and automated attacker engines. Tools like Goolag and Gooscan can execute wide search on the web to find vulnerable points, and provide a list of Web sites that have a problem.
Another method is Google Worms, which use a search engine to find certain weaknesses points. With the inclusion of additional code, that vulnerability can be exploited. “In 2004, this is science fiction. In 2008, this became a painful reality, “Shulman said.
Google and the search engines are taking other steps to stop such abuse. Google, for example, have a particular search method that can produce the collection of Social Security numbers in a wipe. Google also limit the number of search queries that are sent per minute, which can slow the search for mass Web sites that have a grip of weakness.
But this only makes the hacker must be a little patient. Limit the search also hurt security professionals who want to do automatic daily searches of the problems in the Web sites it, said Shulman.
Another type of attack is the “site masks,” which caused a legal Web site that disappeared from the search results. If you find sites that the contents the same, the Google search engine will removing one of the index results.
This circumstances is used by hackers to create a Web site that has links to Web pages competitors, but filtered through a proxy server. Google indexes the content under the domain proxy. If this is done several times with more proxy server, Google will assume that it’s correct Web pages as duplicates, and removing from the index.
One way a Web admin should do, according to Shulman, is to protect the web sites from being indexed other than by legal search engine IP address.
If you're new here, you may want to subscribe to my RSS feed. Thanks for visiting!
