Details for nearly 200,000 Grand Theft Auto fan site users have been traded on the digital underground. This contains email addresses, hashed passwords, dates of birth, and IP addresses. Deepak Patel, Director of Security Strategy at Imperva commented below.
Deepak Patel, Director of Security Strategy at Imperva:
“Data breaches in online video games are steadily growing every year. If this breach was the result of SQL injection, there are several effective ways to prevent those types of attacks from taking place, as well as protecting against them. The first step is input validation or sanitization, which is the practice of writing code that can identify illegitimate user inputs. While input validation should always be considered best practice, it is rarely a foolproof solution.
“The reality is that, in most cases, it is simply not feasible to map out all legal and illegal inputs—at least not without causing a large amount of false positives, which interfere with user experience and an application’s functionality. For this reason, video game companies need to employ a web application firewall (WAF) to filter out SQLI, as well as other online threats. WAF typically relies on a large, and constantly updated, list of meticulously crafted signatures that allow it to surgically weed out malicious SQL queries. Usually, such a list holds signatures to address specific attack vectors, and is regularly patched to introduce blocking rules for newly discovered vulnerabilities. Modern web application firewalls are also often integrated with other security solutions. From these, a WAF can receive additional information that further augments its security capabilities.”
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Experts Insight On US Pipeline Shut After Cyberattack
Most Active Commenters
Recent Comments
“Cybersecurity Awareness Month’s new evergreen theme "Secure Our World” is…
“Avoid storing data on personal devices: A crucial but often overlooked…
“I recommend a new nuance to passwords that isn’t often…
“In my role overseeing cloud environments and incident response, I'm…
“Cybersecurity Awareness Month serves as a reminder to confront the…