sb-eu logo
Story image

10 billion records sit in unsecured databases - China leads the pack

11 Aug 2020

China, the United States, India, Germany, and Singapore are the top five countries with the most unsecured databases in the world – or at least that’s according to new research from NordVPN.

The security firm partnered up with a white hat hacker to scan Elasticsearch and MongoDB libraries for unsecured databases, over the space of one year. 

The hacker uncovered a total of 9517 unsecured databases, collectively containing more than 10 billion entries – that's 10,463,315,645 entries containing data such as emails, passwords, phone numbers, and other sensitive information.

China topped the list with 3794 exposed databases, containing a collective of more than 2.6 billion (2,629,383,174) detected entries.

The United States wasn’t too far behind, with 2703 exposed databased and 2.4 million (2,397,583,255) entries.

India had 520 exposed databases with 4.9 million entries; Germany had 361 exposed databases with 248 million entries; Singapore had 355 exposed databases with 2.3 million entries.

Rounding out the top 10 most exposed databases include France, South Africa, the Netherlands, Russia, and the United Kingdom.

Other countries included South Korea, Ireland, Vietnam, Hong Kong, Brazil, Japan, Canada, Iran, Australia, and Taiwan.

NordVPN warns that although some of the exposed entries could be ‘junk’ and only used for the purposes of testing, it could be hugely damaging if sensitive information were exposed.

NordVPN points to recent data leaks including a case where 540 million Facebook records were exposed on Amazon cloud servers.

Furthermore, search engines such as Shodan and Censys scan the internet constantly, enabling people to gain access to open databases. NordPass security expert Chad Hammond says anyone could scan the internet in as little as 40 minutes.

Security threats, such as automated ‘Meow’ attacks that destroy data without reason or ransom, also place unsecured databases at more risk.

Hammond says, “Every company, entity, or developer should make sure they never leave any database exposed, as this is obviously a huge threat to user data.”

He adds that database protection should include data encryption at rest and in motion, identity management, and vulnerability management.

“All should be encrypted using trusted and robust algorithms instead of custom or random methods. It’s also important to select appropriate key lengths to protect your system from attacks.”

“Identity management is another important step and should be used to ensure that only the relevant people in an enterprise have access to technological resources.”

“Finally, every company should have a local security team responsible for vulnerability management and able to detect any vulnerabilities early on,” he concludes.

Story image
Lazarus Group linked to phishing attacks on cryptocurrency sector
In this case, the attacks were launched through a phishing document sent via LinkedIn to employees at the targeted organisation. This phishing document was styled to look like a job advertisement for a role in a blockchain company.More
Story image
Zero trust is the way to secure the distributed workforce - Empired
Existing security solutions need to evolve to accommodate the new remote workforce.More
Story image
Shlayer malware proves Apple devices aren't as secure as you think
"Apple never talks about malware publicly, and loves to give the impression that its systems are secure. Unfortunately, the opposite has been proven to be the case with great regularity."More
Story image
Check Point acquires Odo Security to bolster remote security offering
The deal will integrate Odo’s remote access software with Check Point’s Inifinity architecture, bolstering the latter company’s remote security capabilities in a time where working and learning from home has become the norm, and looks to largely remain that way in the near future.More
Story image
Proofpoint and CyberArk extend partnership to further safeguard high-risk users
“Our CyberArk partnership extension provides security teams with increased detection and enhanced adaptive controls to help prevent today’s most severe threats."More
Story image
How security awareness training can safeguard companies from cyber-attacks
Training goes a long way in embedding a culture of cybersecurity compliance within the company.More