Published on 25 Oct 2023
Amidst global reports of ongoing website defacement campaigns, SingCERT has observed Structured Query Language (SQL) injection attacks against a few websites belonging to local organisations, which have led to unauthorised access, website defacement, and/or compromise of sensitive customer or organisational data. Organisations that maintain an online presence must remain vigilant against potential cyber-attacks on their websites.
Measures to Secure Your Website Against SQL Injections
Organisations are urged to:
For more preventive measures and recovery steps, please refer to our advisory on Protecting Your Website From Cyber-Attacks: https://www.csa.gov.sg/alerts-advisories/Advisories/2022/ad-2022-007
Singapore organisations who are affected by a cyber incident or have evidence of any suspicious compromise of your networks should report to SingCERT. A report can be made via SingCERT’s Incident Reporting Form at https://go.gov.sg/singcert-incident-reporting-form.