NordPass teamed up with a white hat hacker to scan the web for unsecured databases. Check out the eye-popping findings that show approximately 9500 databases with over 10 billion data records are unprotected and can be easily hacked.
By now, you must be aware of the Elasticsearch hack, better known as the Meow attack which affected almost 4,000 unsecured databases. Security researcher Bob DiachenkoOpens a new window who discovered the Meow attack tweetedOpens a new window that, “The new Elasticsearch bot attack does not contain any ransom or threats, just ‘meow’ with a random set of numbers. It is quite fast and searches and destroys new clusters pretty effectively.†Most recently, Argentina’s Ministry of Public Health exposed data of 115,000 patients’ in a misconfiguration incident. DiachenkoOpens a new window writes that the database had already been infiltrated by “meow botâ€.Â
Worryingly, attackers targeting unsecured databases has become a common practice. A NordPass report Opens a new window points out there are close to 10,000 databases around the world that have been left exposed and can be easily breached. What does this mean for the end user? Your account and passwords details could possibly be compromised if they were stored in one of these unprotected databases, making it an easy hack for bad actors.Â
To find how data is secured online, NordPass partnered with a white hat hacker to conduct a year-long study between June 2019 to June 2020 to scan elasticsearch and mongoDB libraries for vulnerabilities and misconfigured databases. Â
Check out the eye-popping findings below:Â
Unsecured Databases
“Usually a database that contains sensitive consumer data will have one if not several layers of security,†explains NordPass. The absence of these layers is what exposes the database for anyone to access with just a few clicks. All they’d need to know to access these unprotected databases is how to use and navigate relevant search engines such as Shodan, Vega, Censys or others. The study by the password management vendor found out that billions of these records are stored in unsecured databases across the world.Â
Chad Hammond, Security Expert at NordPass said, “In fact, with proper equipment, you could easily scan the whole internet on your own in just 40 minutes.â€
See Also: Data Breaches Cost Organizations $3.86M: IBM Data Breach Report
Some Numbers
Exposed records: 10,463,315,645 ≈ 10.46 billion records
Unsecured databases holding exposed records: 9,517
Countries where unsecured databases were found: 20
The highest number of unsecured databases were from China, followed by the U.S., India and Germany. Though India has the third highest unsecured databases, France and Germany surpassed India in terms of exposed records. Overall, China, the U.S., France accounted for a lion’s share of exposed records.Â
Check out the complete list of countries here:
Exposed data includes consumer data like emails, passwords, and phone numbers.
Can Passwords Help?
NordPass notes that exposed databases were the cause of some of the more sizable data breaches in 2019. This includes millions of exposed Facebook records on a public AWS server. Securing these databases with passwords can help but surely it isn’t enough. This is apparent from the fact that almost 21 million passwords along with 800 million unique email addresses were sold on the dark web in 2019. There’s a high probability that you may have been compromised.
On an individual level, compromised emails or passwords can be used to open the floodgates to other user data like bank account details, address and social media profiles etc., which can result in identity theft. To find if someone may have been compromised, users can check Have I Been Pwned?Opens a new window
Learn More: How New Security and Encryption Layers Strengthen Cloud Databases
Measures To Take
NordPass’ findings clearly show that appropriate security measures are the need of the hour (and always have been). Measures such as strong passwords, encryption and implementation of identity management solutions could help.Â
“Every company, entity, or developer should make sure they never leave any database exposed, as this is obviously a huge threat to user data,†Hammond says. “Proper protection should include data encryption at rest, wire (in motion) data encryption, identity management, and vulnerability management. Data can be exposed to risks both in transit and at rest and therefore requires protection in both states. While there are several different approaches, encryption plays a major role in data protection and is a popular tool for securing data both in transit and at rest,†he adds, in closing.Â
Got anything interesting to add to this story? Let us know in the comments below. You can also give us a shoutout at LinkedInOpens a new window , TwitterOpens a new window , or FacebookOpens a new window . We would love to hear from you!