In this article, we’ll look at an SQL injection attack. We’ll look at what offences are committed in different countries when a crime like this happens, how you should report the crime, and what evidence you can preserve. Take this scenario:
A company has a web server and associated database configured to serve dynamic content. The company has set up its website insecurely, leaving it vulnerable to input validation attacks. A cybercriminal has been hired by a competitor of the company to “take the company offline”. The cybercriminal has identified that the company website is susceptible to SQL injection, so performs a series of SQL injection attacks. This results in the deletion of a number of tables from the database, rendering the company website inoperable…