308,000 databases were exposed to the open web in 2021: report
The conversation surrounding the importance of data security doesn’t seem to be coming to naught in light of the new findings, which discovered 308,000 openly exposed databases in 2021 alone.
The increased reliance on remote work following the COVID-19 pandemic led to the growing number of improperly secured public-facing assets. Threat actors frequently take advantage of a huge number of exposed databases, targeting both companies and their customers.
The Attack Surface Management team at Group-IB identified 308,000 exposed databases on the open web in 2021. The value of public-facing assets showcased a steady quarterly increase from 69,000 in the first quarter of 2021 to 91,200 during the same period of 2022.
The majority of the exposed databases (37.5%) discovered by the Group IB’s team during the first quarter of 2021 and 2022 used Redis database management system, followed by MongoDB (30.9%), Elastic (29.3%), and MySQL (2.3%). More worrying findings detail the amount of time it took the owner to fix the problem following the discovery: at the beginning of 2021, on average, the process took 170.2 days. Despite a gradual decrease for the remainder of 2021 (up to 112 days in the third quarter,) the value skyrocketed back to 170 in the first quarter of 2022.
Out of the total 308,000 exposed databases discovered in 2021, the majority were in the United States (93,685), followed by China (54,754), Germany (11,177), France (9,723), and India (6,545).
The growing number of sensitive data left out in the open – whether due to a company’s negligence or following a sophisticated cyberattack – raises concerns among customers who might be already hesitant about supplying personal information. The importance of adopting a clear strategy for identifying and patching vulnerabilities thus cannot be overstated.
“As the complexity of corporate networks keeps growing, all the companies need to have complete visibility over their attack surface,” Tim Bobak, Attack Surface Management Product Lead at Group-IB, said.
Appropriate prevention methods, including cyber-educating employees and conducting regular risk assessments, can save the company its reputation, as well as the time and money required to deal with the aftermath of an attack. Bobak notes that often, it takes just a few simple steps to secure yourself against a cyber adversary.
“A lot of the security incidents can be prevented with very little effort and a good toolset. Last year, over 50% of our incident response engagements stemmed from a preventable, perimeter-based security error. A public facing database, an open port, or a cloud instance running vulnerable software are all critical but ultimately avoidable risks,” Bobak added.
More from Cybernews:
Subscribe to our newsletter