Classification of Cybersecurity Threats, Vulnerabilities and Countermeasures in Database Systems

Database systems have consistently been prime targets for cyber-attacks and threats due to the critical nature of the data they store. Despite the increasing reliance on database management systems, this field continues to face numerous cyber-attacks. Database management systems serve as the foundation of any information system or application. Any cyber-attack can result in significant damage to the database system and loss of sensitive data. Consequently, cyber risk classifications and assessments play a crucial role in risk management and establish an essential framework for identifying and responding to cyber threats. Risk assessment aids in understanding the impact of cyber threats and developing appropriate security controls to mitigate risks. The primary objective of this study is to conduct a comprehensive analysis of cyber risks in database management systems, including classifying threats, vulnerabilities, impacts, and countermeasures. This classification helps to identify suitable security controls to mitigate cyber risks for each type of threat. Additionally, this research aims to explore technical countermeasures to protect database systems from cyber threats. This study employs the content analysis method to collect, analyze, and classify data in terms of types of threats, vulnerabilities, and countermeasures. The results indicate that SQL injection attacks and Denial of Service (DoS) attacks were the most prevalent technical threats in database systems, each accounting for 9% of incidents. Vulnerable audit trails, intrusion attempts, and ransomware attacks were classified as the second level of technical threats in database systems, comprising 7% and 5% of incidents, respectively. Furthermore, the findings reveal that insider threats were the most common non-technical threats in database systems, accounting for 5% of incidents. Moreover, the results indicate that weak authentication, unpatched databases, weak audit trails, and multiple usage of an account were the most common technical vulnerabilities in database systems, each accounting for 9% of vulnerabilities. Additionally, software bugs, insecure coding practices, weak security controls, insecure networks, password misuse, weak encryption practices, and weak data masking were classified as the second level of security vulnerabilities in database systems, each accounting for 4% of vulnerabilities. The findings from this work can assist organizations in understanding the types of cyber threats and developing robust strategies against cyber-attacks.