December 3, 2023

The number of public-facing databases increased 16% in second half of 2021.

Researchers on Wednesday reported that in the second half of 2021, the number of public-facing databases increased by 16% to 165,600, with most of them stored on web servers in the United States.

Group-IB’s Attack Surface Management team, said the number of databases exposed to the open web has been growing every quarter to reach its peak of 91,200 in Q1 2022. Most of the exposed databases use the Redis database management system (37.5%), followed by MongoDB (31%). Improper configuration is the main cause.

Advertisements

The consequences of an exposed database range from a data breach to a subsequent follow-up attack on the employees or customers whose information was left unsecured.

Researchers says all it takes for things to go south is minor configuration changes to the database service or firewall. This means seconds of effort, adding that security teams should manage cloud instances by Puppet, or similar, to ensure all operating systems are hardened by default.

Group-IB’s researchers also say that the largest number of identified exposed databases (93,600) were found on servers located in the United States. China (with 54,700 exposed databases) and Germany (11,100) round up the top three.

Tags:

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

You may have missed

TheCyberThrone CyberSecurity Newsletter Top 5 Articles – November, 2023

December 2, 2023

Staples affected by a Cyber Attack

December 2, 2023

CISA KEV Update Part I – December 2023

December 1, 2023 2

Dollar Tree Affected by a Third Party Breach

December 1, 2023

Apple Patches iOS zerodays – CVE-2023-42916 and CVE-2023-42917

December 1, 2023

TheCyberThrone Security Week In Review – November 25, 2023

November 30, 2023
%d bloggers like this: