Why would hackers attack my SQL Server?
What are hackers looking for? If you are not concerned because your data is not sensitive, read on, because hackers are rarely after your data. Your data is secondary. The primary thing most want to do is install malware on the server SQL Server is running on and use it to infiltrate your entire computer network.
Hacker motivations vary, but here are a few that should be considered:
- Hackers are looking for any vector (aka open tcpip port or product) they can use to get inside a company to install malware.
- Hackers want to install “command and control” software on a server.
- Hackers want to use a hacked server to launch attacks against other servers on the Internet.
- Hackers can sell their “command and control” infection to other hackers on the dark web to make money.
- Hackers want to use your servers and hard drives to store content pirated from other sources or store illegal content such as pornography on your servers.
- Hackers want to get into your company specifically to find something other than what is in your SQL Server.
- Hackers want to get valuable or sensitive information from your SQL Server to use to resell, to embarrass your organization, or to blackmail your organization.
- Hackers want to infect the database in your SQL Server databases with bad URLs that can spread to your customers or other users of your application data in order to infect their computers.
- Hackers want to infect your SQL Server and company just to prove to other hackers that they have hacking skills.
- Hackers are looking for credentials stored in database tables, user names and passwords, that allow them to steal and abuse information or money from your employees and customers.
- Hackers are looking for credit card numbers and other financial information.
As you can see, the list of hacker motivations is long, and the list above is not complete. The conclusion you should draw from this is that:
You need to take steps to protect your SQL Server from hackers!