The news is filled with instances where companies inadvertently leave databases exposed on the web – even sometimes for just hours before they realise the mistake has been made.
Comparitech set up a honeypot to do some research to see if it left a fake database exposed, what would happen. Researcher Bob Diachenko left the data exposed from May 11, 2020 to May 22, 2020. During that time, 175 unauthorised requests were made. He broadly refers to these requests as “attacks”. The honeypot averaged 18 attacks per day and the first attack came on May 12, just 8 hours and 35 minutes after deployment.