Term of the Week: Buffer Overflow Attack

What is it?

An attack that targets the buffer memory of a device or program by sending more data than the program can handle, thereby writing the extra data into a nearby memory location, which could allow an attacker to run a piece of malicious code.

Why is it important?

If software is not properly patched or designed with secure coding principles from the start, these types of malicious attacks can cause great harm by allowing programs or external parties to access protected nodes or information.

Why does a business professional need to know this?

A buffer overflow can be explained by the old adage that you can’t put 10 pounds of potatoes in a 5-pound bag. When too much data is written to a block, it can overwrite adjacent memory, leading to data corruption. A program or device can crash, or an attacker can insert malicious code into the overwritten memory and try to execute it.
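The overwrite described above, as an added illustration that is not part of the original article: a constructed 16-byte region stands in for memory, with an 8-byte buffer followed directly by a privilege flag, and the same input is copied once without and once with a length check. The names, sizes, and layout are assumptions made for this example.

```c
#include <stdio.h>
#include <string.h>

#define BUF_SIZE    8    /* the "5-pound bag": room for 8 bytes of input */
#define FLAG_OFFSET 8    /* adjacent memory: a privilege flag right after the buffer */
#define REGION_SIZE 16   /* constructed region: buffer + neighbouring data */

/* Unchecked copy: trusts the caller's length and never compares it to BUF_SIZE. */
static void copy_unchecked(unsigned char *region, const unsigned char *src, size_t len)
{
    memcpy(region, src, len);
}

/* Bounded copy: refuses input that does not fit. Returns 0 on success, -1 if rejected. */
static int copy_checked(unsigned char *region, const unsigned char *src, size_t len)
{
    if (len > BUF_SIZE)
        return -1;
    memcpy(region, src, len);
    return 0;
}

/* Copies len bytes of 'A' into a fresh region and returns the flag byte afterwards. */
int flag_after_copy(int use_check, size_t len)
{
    unsigned char region[REGION_SIZE] = {0};   /* flag starts at 0 (not privileged) */
    unsigned char input[REGION_SIZE];

    if (len > REGION_SIZE)
        len = REGION_SIZE;                     /* keep the demo inside its own region */
    memset(input, 'A', sizeof input);          /* constructed sample input */

    if (use_check)
        (void)copy_checked(region, input, len);
    else
        copy_unchecked(region, input, len);
    return region[FLAG_OFFSET];
}

int main(void)
{
    printf("unchecked,  8 bytes: flag=%d\n", flag_after_copy(0, 8));
    printf("unchecked, 12 bytes: flag=%d\n", flag_after_copy(0, 12));
    printf("checked,   12 bytes: flag=%d\n", flag_after_copy(1, 12));
    return 0;
}
```

With 12 bytes of input the unchecked copy spills past the buffer and the flag becomes 65 (the byte 'A'); the bounded copy rejects the same input and the flag stays 0.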

Because buffer overflow attacks exploit weaknesses in the design of hardware or firmware, defending against such attacks must begin in the early design stages of product development. Because such attacks can potentially give attackers the ability to gain administrator privileges, damage databases, or steal data, mitigating the threat of buffer overflow attacks should have a high priority.

Correctly patching devices, including updating firmware on network equipment, is essential to protect against these types of attacks. When developing products, your best defense is to follow industry best practices for design, development, testing, and code review. Reviewing a program or website for security vulnerabilities before it is placed into production may take a few extra steps, but it will save money if it prevents your system from being exploited. An ounce of prevention is worth a gallon of protection.

A simple buffer overflow attack can take down a web page, a database server, a content management system, or a mail server. The recent Meltdown and Spectre vulnerabilities have shown that buffer overflow attacks have the potential to open up systems to devastating attacks (Claburn 2017) (Newman 2018). These vulnerabilities have been identified in processors manufactured by Intel, AMD, and ARM, which are in a considerable number of computers and devices, including phones, tablets, laptops, and servers.

References

About Shawn Connelly

Shawn Connelly holds two master’s degrees, one in cybersecurity and information assurance and another in IT management. He holds his Certified Information Systems Security Professional (CISSP), Certified Chief Information Security Officer (CCISO), Certified Ethical Hacker (CEH), Computer Hacking Forensic Investigator (CHFI), Cisco Certified Network Professional (CCNP), VMware Certified Professional (VCP), VCP-NSX, and six Microsoft Certified Solutions Expert (MCSE) certifications. Shawn has worked for more than 20 years in IT, including the last five years as a director of security.

Term: Buffer Overflow Attack

Email: shawnconnelly1@gmail.com

Twitter: @VirtualizationG

LinkedIn: linkedin.com/in/virtualizationg
