The widespread attack on MongoDB databases is gathering speed, with reports that close to 50,000 databases are vulnerable. MongoDB does offer security protections, but they are not enforced and many customers decline to use them. Wieland Alge, VP & GM EMEA at Barracuda Networks commented below.
Wieland Alge, VP & GM EMEA at Barracuda Networks:
“MongoDB does offer security protections, but many customers fail to use them. This leaves many thousands of databases exposed on the internet, where anyone can access them with full admin rights.
“The MongoDB attacks were initially thought to have been isolated incidents, but since the discovery in December, we are now in the middle of a hacker gold rush. So much so that hackers are now cannibalising each other by deleting rivals’ ransoms in order to make sure victims pay their own.”