Attacks and other hacks on IT systems are, unfortunately, on the rise; the most recent one to make headlines is the attack on MongoDB.
The knowledge that a MongoDB attack removes all of the victim’s data and replaces it with a ransom note is upsetting, and the fact that tens of thousands of MongoDB databases holding more than 680 terabytes of data have been compromised and held hostage is downright alarming.
The MongoDB attacks, which have been a problem for approximately a month, are still occurring, and the number of attacks is on the rise; sources say that 25% of unsecured internet-accessible MongoDB databases have been hit by this ransomware attack.
MongoDB is a free, open-source database system that runs on a range of platforms, including Windows. Its usage is growing quickly, with millions of downloads – something that will only prove to increase the number of attacks.
Now, as this article explains, five groups of attackers are competing to delete as many publicly accessible MongoDB databases as possible.
Although this is not a hack in the traditional sense, as it appears to affect only open databases connected to the public internet without a password protecting the administrator account, doesn’t mean you shouldn’t be actively protecting yourself against the possibility of an attack.
Some Sage Enterprise Management components include MongoDB, and recent communications from Sage indicate the need to take action to protect all ports on your servers as a matter of security best practices, whether or not the ports are connected to the public internet.
It is critical to take the following steps to ensure protection from this attack or other, similar attacks.
We recommend:
Cyber attacks and hacks are serious business. There may be nothing worse than finding your confidential business and client data held hostage, and there’s no time better than now to get prepared.
If you have any questions about MongoDB, keeping yourself protected from a ransomware attack, or Sage Enterprise Management, please do not hesitate to contact us for more information - we're always here to help.