SQL Clone
SQLServerCentral is supported by Redgate
Log in  ::  Register  ::  Not logged in

Data Worms

By Steve Jones,

Effective data administration include backups. I would argue this is the most important part of managing your data since no matter what happens, backups give you the ability to recover your system. Whether it's an accidental data modification by a user, a hardware failure, a natural disaster or some other event, having a copy of your data (or log) on some other system or media can be the difference between getting back to work and having to go find other work.

For the most part we've been concerned over disasters that are random, and while they may be destructive, their effect is usually limited in scope. SQL injection attacks often affect a single system, and with a good backup, you can usually recover your data quickly. However that may be changing as the world grows closer together.

The Shamoon malware has been causing problems lately and making companies rethink their incident response. The worm has wiped workstations and destroyed data. Destructive software is nothing new, but as more and more cyber warfare takes places at the government level, it's likely that retaliation might target civilian targets, especially successful companies. I'd hate to think that destructive malware might target databases, but I'm sure it will. The SQL Slammer worm was a complete disruption of our database services for days at JD Edwards almost a decade ago, but it could have been much worse if that malware had been written to be destructive.

We don't have default names and passwords in SQL Server, but we should make sure all accounts have strong passwords. There's also some value in not configuring all systems identically. It makes management easier, but it also makes a successful attack that much more successful. 

Steve Jones

The Voice of the DBA Podcasts

We publish three versions of the podcast each day for you to enjoy.

Everyday Jones

The podcast feeds are available at sqlservercentral.mevio.com. Comments are definitely appreciated and wanted, and you can get feeds from there. Overall RSS Feed: or now on iTunes!

Today's podcast features music by Everyday Jones. No relation, but I stumbled on to them and really like the music. Support this great duo at www.everydayjones.com.

You can also follow Steve Jones on Twitter:

Total article views: 143 | Views in the last 30 days: 1
Related Articles

Podcast Announcements

Podcast Feeds


Whitepaper on Malware to Attack Databases

Cesar Cerrudo of Argeniss Information Security has put out a new whitepaper (.pdf format), Data0: Ne...



A new video setup is on the way!!!! Actually I'll do a couple podcasts on podcasting over the hol...



I'm working on getting a small studio set up for some podcasting of the editorials. That means I put...


Preventing NT AUTHORITY\SYSTEM to take backups

Preventing NT AUTHORITY\SYSTEM to take backups

backup and restore