Active Hackathon

Enterprises worldwide beef up against Ransomware attack — crime of the century

MongoDB ransomware attack is a reminder why cyber crimes are the biggest threat in the security landscape

Of late, MongoDB, the Database-as-a-Service provider grabbed the headlines for one of the biggest wrong reasons — ransomware attack or malware that installs surreptitiously on a user’s computer, locks the system or locks the user’s files. Earlier last month, 27,000 databases came under attack when hackers compromised unsecured instances of MongoDB running openly on the internet. Reportedly, hackers wiped off over 680 terabytes of crucial data and demanded one bitcoin in return of the database. MongoDB ransomware attack brought into sharp focus the crimes in cyberspace and they cost to global economy. 

MongoDB Ransomware attack signals a red flag in privacy and security of data

Why MongoDB’s instances were held hostage? MongoDB’s unsecured instances were openly accessible on the internet and did not have any password-protected admin accounts. Lack of firewall to protect the databases and lack of security configurations made one of the most popular database management system a sitting target.  According to reports, there are 30,000+ MongoDB installations on the web that are available on the cloud. Extortion is the most extreme step taken by hackers, industry experts reportedly point out that databases can be compromised by hosting malware or hiding files.


Sign up for your weekly dose of what's up in emerging technology.

The repercussions of the attack exposed data from several organizations. Here’s the total number of organizations exposed and the hackers involved in the malicious attempt.  But the ransacking didn’t stop there. According to news reports, 600+ unsecured Elasticsearch clusters were hit by ransomware. The servers hosted on Amazon Web services sent out an advisory to their customers. As per their blog, “No malware, or “ransomware” was used in the attacks and there was no data breach, still the incident represented a serious security concern,” read the blog entry.  The blog also listed down steps to “secure data in Internet-facing instance of Elasticsearch”.

When Analytics India Magazine contacted representatives at MongoDB, the major proponent of unstructured relational database, we got MongoDB’s “Suggested Steps To Diagnose and Respond to an Attack”. As per MongoDB’s guide, “MongoDB Cloud Manager and MongoDB Ops Manager provide continuous backup with point in time recovery wherein users can also enable alerts in Cloud Manager to detect if their deployment is internet exposed”.

Spike in Ransomware attacks

From Montana schools to smart TVs in Japan, there is a surge in cyber-targeting with news reports pointing cybercriminals notching up to a 1$ billion dollars in 2016 in phishing attacks. The year 2017 began with MongoDB’s ransomware attack, courtesy the misconfigured databases followed by Elasticsearch clusters being breached. Security experts pointed out vandalization of Hadoop installations. News reports say a potential attack could expose 8,000 HDFS installations. Though no data stored on HDFS installation was compromised, hackers left a calling card and the breach exposed the “access without authentication”.

As per a survey, ransomware attacks are expected to double in 2017. Cyber security is the number #1 concern of most organizations and according to the Osterman Research, nearly 50% of organizations came under ransomware attack in 2016. The most vulnerable sector proved to be financial followed by manufacturing, government and healthcare. Another key finding of the survey was that malware made its way through devices such as smartphone or tablet.

How are organizations beefing up in face of ransomware threats?

While end-to-end prevention of cyber threats is not possible, security experts note training staff and maintaining a full-proof IT infrastructure can serve as the best defense in protecting data.

Companies shore up defense to prevent cybercrimes:

  • Last year, chip maker Intel, Europol (European law enforcement agency) and Kaspersky Lab (Russian cyber Security Company) joined hands to address the growing threat of ransomware.
  • Cyber security vendors need to advance artificial intelligence and machine learning capabilities to effectively prevent cyber threats. From Android mobile OS to Windows OS and Apple Mac, ransomware has widened its net and sophisticated machine learning algorithms can check the threat at early stage.
  • Dubbed as the “crime of the century”, the softest targets – big data databases managed from cloud should shore up authentication and provide recovery data option through a robust program.
  • Redmond-headquartered IT giant Microsoft introduced ransomware protection in Windows 10 anniversary update earlier last year. Steps taken to ensure ransomware defense ranged from browser hardening to machine learning and a more robust Windows Defender.
  • At an organizational level, robust infrastructure management, employee training and risk assessment should be undertaken to protect sensitive data.

Even though cyber-attacks cannot be entirely avoided, threats and breach of data can be minimized by following a robust data management policy. Security vendors will come into play in 2017.

More Great AIM Stories

Richa Bhatia
Richa Bhatia is a seasoned journalist with six-years experience in reportage and news coverage and has had stints at Times of India and The Indian Express. She is an avid reader, mum to a feisty two-year-old and loves writing about the next-gen technology that is shaping our world.

Our Upcoming Events

Conference, in-person (Bangalore)
Machine Learning Developers Summit (MLDS) 2023
19-20th Jan, 2023

Conference, in-person (Bangalore)
Rising 2023 | Women in Tech Conference
16-17th Mar, 2023

Conference, in-person (Bangalore)
Data Engineering Summit (DES) 2023
27-28th Apr, 2023

Conference, in-person (Bangalore)
MachineCon 2023
23rd Jun, 2023

3 Ways to Join our Community

Discord Server

Stay Connected with a larger ecosystem of data science and ML Professionals

Telegram Channel

Discover special offers, top stories, upcoming events, and more.

Subscribe to our newsletter

Get the latest updates from AIM