sb-as logo
Story image

10 billion records sit in unsecured databases - China leads the pack

11 Aug 2020

China, the United States, India, Germany, and Singapore are the top five countries with the most unsecured databases in the world – or at least that’s according to new research from NordVPN.

The security firm partnered up with a white hat hacker to scan Elasticsearch and MongoDB libraries for unsecured databases, over the space of one year. 

The hacker uncovered a total of 9517 unsecured databases, collectively containing more than 10 billion entries – that's 10,463,315,645 entries containing data such as emails, passwords, phone numbers, and other sensitive information.

China topped the list with 3794 exposed databases, containing a collective of more than 2.6 billion (2,629,383,174) detected entries.

The United States wasn’t too far behind, with 2703 exposed databased and 2.4 million (2,397,583,255) entries.

India had 520 exposed databases with 4.9 million entries; Germany had 361 exposed databases with 248 million entries; Singapore had 355 exposed databases with 2.3 million entries.

Rounding out the top 10 most exposed databases include France, South Africa, the Netherlands, Russia, and the United Kingdom.

Other countries included South Korea, Ireland, Vietnam, Hong Kong, Brazil, Japan, Canada, Iran, Australia, and Taiwan.

NordVPN warns that although some of the exposed entries could be ‘junk’ and only used for the purposes of testing, it could be hugely damaging if sensitive information were exposed.

NordVPN points to recent data leaks including a case where 540 million Facebook records were exposed on Amazon cloud servers.

Furthermore, search engines such as Shodan and Censys scan the internet constantly, enabling people to gain access to open databases. NordPass security expert Chad Hammond says anyone could scan the internet in as little as 40 minutes.

Security threats, such as automated ‘Meow’ attacks that destroy data without reason or ransom, also place unsecured databases at more risk.

Hammond says, “Every company, entity, or developer should make sure they never leave any database exposed, as this is obviously a huge threat to user data.”

He adds that database protection should include data encryption at rest and in motion, identity management, and vulnerability management.

“All should be encrypted using trusted and robust algorithms instead of custom or random methods. It’s also important to select appropriate key lengths to protect your system from attacks.”

“Identity management is another important step and should be used to ensure that only the relevant people in an enterprise have access to technological resources.”

“Finally, every company should have a local security team responsible for vulnerability management and able to detect any vulnerabilities early on,” he concludes.

Story image
Metallic adds data management and GDPR compliance
Now GDPR compliant, additions to the portfolio include eDiscovery features and support for Microsoft Hyper-V and Azure Blob and File storage.More
Story image
Video: 10 Minute IT Jams - The benefits of converged cloud security
Today, Techday speaks to Forcepoint senior sales engineer and solutions architect Matthew Bant, who discusses the benefits of a converged cloud security model, and the pandemic's role in complicating the security stack in organisations around the world.More
Story image
Jamf extends Microsoft collaboration with iOS Device Compliance
Organisations will soon be able to use Jamf for Apple ecosystem management while using Azure Active Directory and Microsoft Endpoint manager to maintain conditional access.More
Story image
Global attack volume down, but fraud and cyber threats still going strong
“The move to digital, for both businesses and consumers, has been significant. Yet with this change comes opportunity for exploitation. Fraudsters look for easy targets: whether government support packages, new lines of credit or media companies with fewer barriers to entry."More
Story image
Proofpoint enhances security awareness training platform
Available in Q4 2020, the platform will integrate more closely with Proofpoint’s best-in-class threat intelligence.More
Story image
CrowdStrike integrates with ServiceNow program to bolster incident response
As part of the move, users can now integrate device data from the CrowdStrike Falcon platform into their incident response process, allowing for the improvement of both the security and IT operation outcomes.More