308,000 exposed databases discovered, proper management is key

2022-04-29 04:00

During the research, the attack surface management team analyzed instances hosting internet-facing databases.

The findings showed that in the second half of 2021, the number of public-facing databases increased by 16% to 165,600 with most of them stored on the servers in the US. The number of databases exposed to the open web has been growing every quarter to reach its peak of 91,200 in Q1 2022.

In many cases, a data breach starts with a preventable security risk, such a database exposed to the open web.

In 2021 alone, the team identified 308,000 incidents of databases exposed to the open web.

Most of the exposed databases discovered between the Q1'2021 and Q1'2022 used Redis database management system.

Country wise, last year, most of the databases exposed to the open web were discovered on the servers located in the US. "A lot of the security incidents can be prevented with very little effort and a good toolset," comments Tim Bobak, Attack Surface Management Product Lead at Group-IB. "Last year, over 50% of our incident response engagements stemmed from a preventable, perimeter-based security error. A public facing database, an open port, or a cloud instance running vulnerable software are all critical but ultimately avoidable risks. As the complexity of corporate networks keeps growing, all the companies need to have complete visibility over their attack surface."

News URL

https://www.helpnetsecurity.com/2022/04/29/exposed-digital-assets-2021/

#database #management