Sign In
- Platform
- Solutions
- Modern NDR
- Resources
- Company
Platform
Modern NDR
Resources
Platform
Modern NDR
Resources
DETECTION OVERVIEW
Risk Factors
Databases are a popular target for attackers because of the valuable information that databases can contain. Before an attacker can steal this data, however, they must acquire database credentials or access the database through other means. Depending on the sensitivity of the information in the accessed database, the impact can be devastating if important, proprietary, or customer data is leaked.
The system might change the risk score for this detection.
Kill Chain
Risk Score
65
Database information can be exfiltrated by an employee with authorized access to a database or by an attacker who gains unauthorized access through malware or techniques such as SQL injection. After gaining database access, the attacker might attempt data staging. Data staging is the process of collecting and preparing data for exfiltration. Ultimately, data is transferred out of the database over protocols such as MySQL, Oracle TNS, or Microsoft TDS to unauthorized users. To hide their activity, attackers might encrypt data before they transfer it.
Implement strict rules for outbound traffic from databases that contain valuable data
Implement strict audit controls that log every database change
Review authentication methods and enforce policies for secure credentials creation and multi-factor authentication on databases
