CASE STUDY

Flywell, an Airline company, recently experienced an SQL injection attack. The attack exploited a vulnerability in the web application that allow users to connect to its Oracle Database. The SQL injection was embedded in the web URL which triggered the dynamic SQL statements in the website HTML to send a request to the database for access to the table that contains the web administrator's login details. The SQL injection also left a backdoor in the database system that sends a log of the database structure and each updated file to the attacker. Furthermore, the database server instance component was compromised as the attacker took control of the server and would not allow anyone (even legitimate users access to the web server).

The Oracle Database was linked to one SQL database and another Microsoft SQL Server. The SQL database was used for authenticating users on the database server while the Microsoft SQL Server was used to grant access to client machines with a Windows operating system. Both two databases were compromised and the links to the Oracle Database were severed.

 

Question 1: 

Explain with specific examples linked to the case scenario, how the Airline could have prevented the attack. Your answer should include

1.1  A detailed explanation of how the Airline could have identified the vulnerabilities within the database environment.

1.2  You should also include the steps and processes that the Airline should have carried to identify any potential threats in the database environment.

1.3 You should also explain the defense mechanisms that the Airline should have adopted once the vulnerabilities/threats had been identified.