Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 

Cyberwar

By Steve Jones,

There are no shortage of books about cyberattacks and hackers. Some of these fictional stories even postulate that countries will build armies and engage in digital war with other countries. Some of this has come true, with the US and Israel attacking Iranian targets, suspected Chinese hackers targeting the US, and the announcement that Britain is building their own cyber army.

While there are certainly no shortage of attacks made on corporations every day, how long before countries make determined efforts to disrupt their enemies' economies with digital war? It's a scary thought, and given the poor security habits of so many developers, it's possible that many companies might find themselves struggling to conduct businesses while under attack. It might not be any different than if conventional weapons were being used near our facilities.

The state of coding by so many "developers" today is somewhat scary. It's not even old applications that are vulnerable to SQL Injection, but even new systems that have poor security practices being used that are vulnerable.

I think that secure coding practices like these should be implemented by anyone writing software. I think examples, frameworks, and presentations about coding shouldn't use simple passwords and bypass checks. Yes, it's a pain for those that teach, but it also means that shoddy coding practices aren't proliferated as people borrow your code and alter your examples.

Security is a problem, but I think a lot of the issues would be minimized if we, as an industry and professionals, learned to write more secure code as a matter of habit, not as an additional feature to be added later.

Total article views: 81 | Views in the last 30 days: 1
 
Related Articles
ARTICLE

Security Focus

Are IT administrators focusing on the wrong attacks when securing their systems? Should we as DBAs a...

FORUM

injection attack

injection attack to saeed

BLOG

SQL Server 2005 Security Best Practices Whitepaper Released

Saw this first here: SQL Server 2005 Security Best Practices. It's on the blog for Microsoft UK's SQ...

ARTICLE

Expect an Attack

Most companies in a recent survey expect to get hacked this year. Steve Jones wishes that the techno...

FORUM

Security Best Practices

Best practices for accessing remote report server

Tags
editorial    
security    
software development    
today    
 
Contribute

Join the most active online SQL Server Community

SQL knowledge, delivered daily, free:

Email address:  

You make SSC a better place

As a member of SQLServerCentral, you get free access to loads of fresh content: thousands of articles and SQL scripts, a library of free eBooks, a weekly database news roundup, a great Q & A platform… And it’s our huge, buzzing community of SQL Server Professionals that makes it such a success.

Join us!

Steve Jones
Editor, SQLServerCentral.com

Already a member? Jump in:

Email address:   Password:   Remember me: Forgotten your password?
Steve Jones