Business Management Software | Sage ERP & Acumatica

What You Need to Know About MongoDB Attacks

Written by Ralph Ceccarelli | February 16, 2017

Attacks and other hacks on IT systems are, unfortunately, on the rise; the most recent one to make headlines is the attack on MongoDB.

 

The knowledge that a MongoDB attack removes all of the victim’s data and replaces it with a ransom note is upsetting, and the fact that tens of thousands of MongoDB databases holding more than 680 terabytes of data have been compromised and held hostage is downright alarming.

The MongoDB attacks, which have been a problem for approximately a month, are still occurring, and the number of attacks is on the rise; sources say that 25% of unsecured internet-accessible MongoDB databases have been hit by this ransomware attack.

What is MongoDB?

MongoDB is a free, open-source database system that runs on a range of platforms, including Windows. Its usage is growing quickly, with millions of downloads – something that will only prove to increase the number of attacks.

 

Now, as this article explains, five groups of attackers are competing to delete as many publicly accessible MongoDB databases as possible.

 

Although this is not a hack in the traditional sense, as it appears to affect only open databases connected to the public internet without a password protecting the administrator account, doesn’t mean you shouldn’t be actively protecting yourself against the possibility of an attack.

How to Protect Yourself

Some Sage Enterprise Management components include MongoDB, and recent communications from Sage indicate the need to take action to protect all ports on your servers as a matter of security best practices, whether or not the ports are connected to the public internet.

 

It is critical to take the following steps to ensure protection from this attack or other, similar attacks.

 

We recommend:

Cyber attacks and hacks are serious business. There may be nothing worse than finding your confidential business and client data held hostage, and there’s no time better than now to get prepared.

If you have any questions about MongoDB, keeping yourself protected from a ransomware attack, or Sage Enterprise Management, please do not hesitate to contact us for more information - we're always here to help.

 

 
About Southeast Computer Solutions
Southeast Computer Solutions is based in Miami, Florida, and has additional operations in Mexico. For over 30 years, we have positively impacted the success of small and mid-sized businesses with effective business management implementations that improve our clients’ operations. We listen, we are accessible, and we care. Learn more by visiting our website or calling 305-556-4697.