Honeypot study: Unsecured database simulation attacked 18x per day on average>
SC Magazine – Larry Jaffee
In a June 10 blog post, Comparitech Privacy Advocate Paul Bischoff describes typical scenarios of how unauthorized third parties discover, access and even modify exposed data without a password or other authentication, thus risking user privacy and security. The security firm last month set up a honeypot to find out how quickly attackers would hit an Elasticsearch cloud server containing a bogus database with fake data inside, and it subsequently found 175 attacks in eight hours after deployment. The first attack on the decoy occurred just eight hours and 35 minutes after being available for the taking. Comparitech left the exposed data from May 11 until May 22. The most attacks in one day totaled 22. Additionally, a trend emerged: many hackers use an internet-of-things (IoT) search engines like Shodan.io or BinaryEdge to find potential destinations. On May 29, the honeypot was hit with a malicious bot seeking a ransom, but not before deleting the databaseâs contents. Still the hacker left a threatening message that the data will be leaked or sold if payment demands werenât met, as well as contact information and directions as to where to send the payment. One Dutch attacker within five seconds extracted the data by using GET methods to obtain index information.
Link: https://www.scmagazine.com/home/security-news/honeypot-study-unsecured-database-simulation-attacked-18x-per-day-on-average/