Expert Comments

Attackers Ransom MongoDB Databases – Expert Commentary

Expert(s): Security Experts
Expert(s): Security Experts

The perpetrator has uploaded ransom notes on 22,900 MongoDB databases left exposed online without a password. The hacker is using an automated script to scan for misconfigured MongoDB databases, wiping their content, and leaving a ransom note behind asking for payment, threatening to expose the leak, and contact the victim’s local General Data Protection Regulation (GDPR) Enforcement Authority.

Experts Comments

Dot Your Expert Comments
James MacQuiggan
July 03, 2020
Security Awareness Advocate
KnowBe4

They make it easy to query or search for a variety of purposes needed by an organisation responsible for data.
Databases are an excellent resource to efficiently store data. They make it easy to query or search for a variety of purposes needed by an organisation responsible for data. With the information stored such as names, addresses, phone numbers, and other sensitive data, certain technology features need to be implemented like access controls, encryption, and updates to secure the data from attack and exploitation. Organisations should have a robust security program to update critical and.....Read More
Databases are an excellent resource to efficiently store data. They make it easy to query or search for a variety of purposes needed by an organisation responsible for data. With the information stored such as names, addresses, phone numbers, and other sensitive data, certain technology features need to be implemented like access controls, encryption, and updates to secure the data from attack and exploitation. Organisations should have a robust security program to update critical and necessary systems, restrict access to only those essential users or systems for access, and provide encryption to protect the data. Failing to change default security settings, like replacing passwords for the default administrative accounts, puts an organisation at a higher risk of exploitation. These actions are similar to leaving your front door open to your home when you go away on vacation, making it easier for the criminals to steal your home’s valuables.  Read Less
Jay Ryerse
July 03, 2020
VP of Cybersecurity Initiatives
ConnectWise

In addition to assessing risk, we must consider the benefit of education for our users and our technical staff.
In today’s world, we are challenged by many things including a global pandemic, uncertainty, and of course, cybercrime. Two of these are likely out of our control, but practicing good cybersecurity is within our ability as business owners and service providers. Areas we can focus on within our business include performing a regular risk assessment for technology because what we don’t know can hurt us. In a risk assessment which often includes a vulnerability scan, we can quickly focus our .....Read More
In today’s world, we are challenged by many things including a global pandemic, uncertainty, and of course, cybercrime. Two of these are likely out of our control, but practicing good cybersecurity is within our ability as business owners and service providers. Areas we can focus on within our business include performing a regular risk assessment for technology because what we don’t know can hurt us. In a risk assessment which often includes a vulnerability scan, we can quickly focus our attention on matters of concern and reduce the likelihood of an attack or your ability to recover afterward. During this process, a third party risk assessor would identify devices with default passwords still in use and make strong recommendations to update the passwords and implement best practices for securing data. In addition to assessing risk, we must consider the benefit of education for our users and our technical staff. Education for your staff reduces the chance of falling victim to a phishing attack which leads to opening up your network to cybercrime. And additional education and certification for your technical staff helps keep them informed on the latest threats, security best practices, and technology that exists today to defend and protect against cyber attacks. In the case of the MongoDB compromise, technical staff need to always change or alter the default credentials of newly installed tools and systems.  Read Less
Raif Mehmet
July 03, 2020
Sales Director
Bitglass

To thwart ransomware attacks and mitigate their impact, all organisations need advanced threat protection.
Misconfigurations like this will continue to be a rampant issue as businesses continually fail to obtain visibility and control into all of their cloud footprint. Time and again, cloud misconfiguration issues allow servers to expose sensitive data that is not protected or encrypted, enabling unauthorised access and a host of other headaches for the enterprise and its data subjects. To thwart ransomware attacks and mitigate their impact, all organisations need advanced threat protection –.....Read More
Misconfigurations like this will continue to be a rampant issue as businesses continually fail to obtain visibility and control into all of their cloud footprint. Time and again, cloud misconfiguration issues allow servers to expose sensitive data that is not protected or encrypted, enabling unauthorised access and a host of other headaches for the enterprise and its data subjects. To thwart ransomware attacks and mitigate their impact, all organisations need advanced threat protection – particularly during this era when more employees are working from home than ever before. Organisations should leverage security solutions that can identify and remediate both known and zero-day threats on any cloud application or service, and protect managed and unmanaged devices that access corporate resources and data. This includes solutions that can automatically block malware in the cloud that is both at rest or in transit. Additionally, organisations must ensure adequate employee security training to identify phishing attempts and illegitimate emails as phishing is the primary vector for ransomware attacks.  Read Less

Dot Your Expert Comments


Only for registered and approved experts. Please register before providing comments. Register here
* By using this form you agree with the storage and handling of your data by this web site.
Submit
0
FacebookTwitterLinkedinWhatsappEmail

You may also like

$2bn Startup Glovo Falls Victim To Cyberattack

Vulnerabilities Found In Wifi-routers

Experts Reaction On REvil/Sodin Behind UnitingCare Breach

Experts On IOS 0-Days Vulnerabilities Discovered

Uni Research Finds That Fertility Apps Collecting And Sharing Sensitive...

44% of Orgs. Report Breaches Due to 3rd Parties, 74%...

92% Of Organisations Who Pay Ransoms Don’t Get All Their...

Experts Comments on World Password Day

Expert Insights On Ransomware Task Force Report

Expert Commentary – Ofcom Warn People Not to Trust Caller...