While the internet might be offering a lot of things we need to function in this day and age like search results and social media, there's always been one question that a lot of people ask, is it secure? Findings show a huge chunk of the internet isn't secure!

CyberNews Finds 29,000 Unsecured Databases

CyberNews security researchers have reportedly found over 29,000 unsecured databases around the world that expose a whopping 19 petabytes or 19,000 terabytes of data online. In order to do the investigation, the news outlet made use of a special search engine that could open MongoDB, Hadoop, and even Elasticsearch databases. 

According to the story by TechRadar, it's also worth noting that the news outlet didn't count the databases that had default credentials enabled. The findings show that the unprotected databases that exist online are higher than expected.

China has the Most Unprotected Databases

Of the reported databases discovered in the search, Hadoop instances expose the majority of data with around almost 19TB which is also easily accessible to certain cybercriminals or even to anyone for the whole matter that was followed by Elasticsearch that had 143.8TB and MongoDB that had just 6.5TB.

Elasticsearch took the top spot of number of exposed databases at 19,814 instances without the use of any sort of authentication used. In terms of what country had the most exposed databases, it was found that China had 12,943 while the US only had 4,512 instances and Germany only had 1,479 unprotected instances.

What are 'Meow' Attacks?

Some time last year, cybercriminals launched attacks to unsecure databases with no ransom involved. The "meow attacks" wiped all data from the servers and left the database owners empty folders that had files named "meow."

To the investigation's surprise, there were 59 databases that were not protected even after the meow attack that happened. Security researchers along with the new outlet called Mantas Sasnauskas gave their insights about the incident.

Read Also: Hackers Leak D.C. Police Data Including Arrest History, Polygraph Results, and Even Police Informants

How to Protect Your Database

It was noted that anyone can easily look for the particular unprotected clusters by simply using IoT search engines to easily identify them without effort. This will then show those databases without authentication enabled and simply exploit them to steal the data and hold them ransom. This could even result in another "meow" attack where cybercriminals would simply destroy the data for fun.

The attack could even wipe out billions of records and even cripple both the business and the personal projects in the whole process. Database owners can reportedly prevent their own data from officially being stolen by simply authenticating, enabling encryption, and making use of VPNs.

One thing that helps is by simply keeping the database software updated. Once the authentication is then enabled, users should at least use complex or unique passwords in order to protect the database. Users can simply opt to utilize a password generator or even a password manager.

Related Article: Man Sentenced for Illegal Streaming Access: 85,925 Netflix, Spotify, Hulu Credentials Stolen

This article is owned by Tech Times

Written by Urian B.