This is one of the 52 terms in The Language of Cybersecurity published by XML Press in 2018 and the contributor for this term is Shawn Connelly.
What is it?
An attack that targets the buffer memory of a device or program by sending more data than the program can handle, thereby writing the extra data into a nearby memory location, which could allow an attacker to run a piece of malicious code.
Why is it important?
If software is not properly patched or designed with secure coding principles from the start, these types of malicious attacks can cause great harm by allowing programs or external parties to access protected nodes or information.
Why does a business professional need to know this?
A buffer overflow can be explained by the old adage that you can’t put 10 pounds of potatoes in a 5-pound bag. When too much data is written to a block, it can overwrite adjacent memory leading to data corruption. A program or device can crash or an attacker can insert malicious code into the overwritten memory and try to execute it.
Because buffer overflow attacks exploit weaknesses in the design of hardware or firmware, defending against such attacks must begin in the early design stages of product development. Because such attacks can potentially give attackers the ability to gain administrator privileges, damage databases, or steal data, mitigating the threat of buffer overflow attacks should have a high priority.
Correctly patching devices, including updating firmware on network equipment, is essential to protect against these types of attacks. When developing products, your best defense is to follow industry best practices for design, development, testing, and code review. Reviewing a program or website for security vulnerabilities before it is placed into production may take a few extra steps, but it will save money if it prevents your system from being exploited. An ounce of prevention is worth a gallon of protection.
A simple buffer overflow attack can take down a web page, a database server, a content management system, or a mail server. The recent Meltdown and Spectre vulnerabilities have shown that buffer overflow attacks have the potential to open up systems to devastating attacks[Connelly-Shawn 1][Connelly-Shawn 2]. These vulnerabilities have been identified in processors manufactured by Intel, AMD, and ARM, which are in a considerable number of computers and devices, including phones, tablets, laptops, and servers.