School: University of Wisconsin, Stout
Course: 6035
Subject: Information Systems
Date: Apr 3, 2024
Uploaded by KidArt9882
How Rasputin the Russian hacker used SQL injections to hack the world.
Abstract—With the continuous expansion of the internet, it’s impossible for
businesses, schools, and government agencies to interact with the public
without a web application. This report explores a specific incident in
cybercrime where a Russian hacker nicknamed “Rasputin” utilized SQL injections
to breach web applications of 60 universities as well as US and UK based
government agencies (Osborne, 2017).
1 INTRODUCTION
1.1 Background
First, we need to explore the incident and describe the details that led up to
so many institutions becoming vulnerable to the same attack. The hacker Rasputin
was first identified in 2016 by the private threat intelligence firm Recorded
Future (BARYSEVICH, 2016). Rasputin was offering to sell compromised accounts
obtained by breaching the U.S. Election Assistance Commission (EAC). The
commission is charged with certifying and testing voting equipment across the
nation, and it updates and maintains a “systems status report page” through an
online database. This database has an online portal where employees can log in
and monitor the appropriate systems, and this is where Rasputin launched his
cyberattack. Rasputin was slowly able to compromise roughly 100 accounts
utilizing SQL injections, some of them administrator accounts with which he had
the ability to access and change anything he wished (BARYSEVICH, 2016). After
this threat actor was discovered, investigations were launched by the Federal
Bureau of Investigation (FBI) and the Department of Homeland Security (DHS) to
further assess the damage Rasputin may have caused. In February 2017 the public
was updated and learned that the Russian hacker is now being credited with over
60 SQL injection attacks, including attacks on universities and other
government agencies (Osborne, 2017). To understand how Rasputin was able to do
this undetected, one must first understand how SQL injections work and why
they’ve become a popular means of cybercrime.
1.2 SQL Injections (SQLi)
The following definition is given by PortSwigger, a web security company:
“SQL injection (SQLi) is a web security vulnerability that allows
an attacker to interfere with the queries that an application
makes to its database. It generally allows an attacker to view data
that they are not normally able to retrieve.” (What Is SQL Injection?
Tutorial & Examples | Web Security Academy, n.d.)
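The behaviour this definition describes, shown as an added example that is not part of the original paper: a Python `sqlite3` lookup built by string concatenation beside its parameterized form. The table, rows, function names and inputs are constructed for illustration.

```python
import sqlite3


def make_db():
    """Build an in-memory table of constructed sample accounts."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE accounts (username TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO accounts VALUES (?, ?)",
        [("alice", "user"), ("bob", "user"), ("carol", "administrator")],
    )
    return conn


def lookup_unsafe(conn, username):
    # Vulnerable: the input is spliced into the SQL text, so a quote in the
    # input ends the string literal and the remainder is parsed as SQL.
    query = "SELECT username, role FROM accounts WHERE username = '" + username + "'"
    return conn.execute(query).fetchall()


def lookup_safe(conn, username):
    # Hardened: the ? placeholder passes the input as a bound value, which is
    # compared as data and never parsed as SQL.
    query = "SELECT username, role FROM accounts WHERE username = ?"
    return conn.execute(query, (username,)).fetchall()


if __name__ == "__main__":
    conn = make_db()
    crafted = "nobody' OR '1'='1"  # constructed input containing a quote
    print("unsafe, normal input :", lookup_unsafe(conn, "alice"))
    print("unsafe, crafted input:", lookup_unsafe(conn, crafted))
    print("safe,   crafted input:", lookup_safe(conn, crafted))
    # A legitimate name with an apostrophe breaks the concatenated query;
    # such database syntax errors in application logs are a sign that input
    # is reaching the SQL parser.
    try:
        lookup_unsafe(conn, "o'brien")
    except sqlite3.OperationalError as exc:
        print("unsafe, apostrophe   :", exc)
    print("safe,   apostrophe   :", lookup_safe(conn, "o'brien"))
```

With the concatenated query the crafted input changes the `WHERE` clause and every row comes back, including the administrator account; the bound parameter matches no username and returns nothing.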
Given the definition above, we can begin to see how Rasputin gained access to
the vulnerable systems. The vulnerabilities are the result of poor programming
of the application and of the third-party software used by the government and
other institutions (GUNDERT, 2017). It has also been found that SQLi attacks
were the third biggest web application security risk in 2021 (A03 Injection -
OWASP Top 10:2021, n.d.).
2 DIAMOND MODEL
3 POLICY AND RECOMMENDATIONS
4 REFERENCES
1. Osborne, C. (2017, February 16). Lone hacker Rasputin breaches 60 universities, federal agencies. ZDNET. https://www.zdnet.com/article/lone-hacker-breaches-60-universities-federal-agencies/
2. Russian-Speaking Hacker Selling Access to the US Election Assistance Commission | Recorded Future. (n.d.). https://www.recordedfuture.com/rasputin-eac-breach
3. What is SQL Injection? Tutorial & Examples | Web Security Academy. (n.d.). https://portswigger.net/web-security/sql-injection
4. GUNDERT, L. (2017, February 15). Russian-Speaking Hacker Sells SQLi for Unauthorized Access to Over 60 Universities and Government Agencies | Recorded Future. Recorded Future. https://www.recordedfuture.com/recent-rasputin-activity
5. A03 Injection - OWASP Top 10:2021. (n.d.). https://owasp.org/Top10/A03_2021-Injection/