Earlier this year, nosotros saw notorious incidents where tens of thousands of unprotected MongoDB as well as Elasticsearch databases were hacked as well as held for ransom inwards central of the information the hackers had stolen as well as deleted from the poorly configured systems.
Now, cyber crooks accept started targeting unprotected Hadoop Clusters as well as CouchDB servers equally well, making the ransomware game nastier if your servers are non securely configured.
Nearly 4,500 servers alongside the Hadoop Distributed File System (HDFS) — the primary distributed storage used yesteryear Hadoop applications — were constitute exposing to a greater extent than than 5,000 Terabytes (5.12 Petabytes) of data, according to an analysis conducted using Shodan search engine.
This exposure is due to the same final result — HDFS-based servers, to a greater extent than ofttimes than non Hadoop installs, haven't been properly configured.
Like other Hadoop-related techs, HDFS has perish a primary tool for managing large clusters of information as well as supporting large information analytics applications.
In a spider web log post, Shodan Founder John Matherly revealed that patch the focus had been on MongoDB as well as Elasticsearch databases exposed on the Internet, Hadoop servers turned out to live "the existent juggernaut."
Although MongoDB has over 47,800 servers exposed on the Internet that exposes 25TB of data, Hadoop has merely 4,487 servers inwards full but exposes a considerably higher sum of information of to a greater extent than than 5,000TB.
Most of the Hadoop servers that expose information on the Internet are located inwards the the United States of America (1,900) as well as mainland People's Republic of China (1,426), followed yesteryear Deutschland (129) as well as Republic of Korea (115).
H5N1 bulk of the HDFS instances are hosted inwards the cloud alongside Amazon Web Services leading the accuse alongside 1,059 instances as well as Alibaba alongside 507.
While nosotros saw ransom attacks aimed at unprotected MongoDB as well as Elasticsearch databases end year, Matherly said those attacks accept non been stopped as well as are even hence targeting CouchDB as well as Hadoop servers.
"The ransomware attacks on databases that were widely publicised before inwards the twelvemonth are even hence happening," says Matherly. "And they're impacting both MongoDB as well as HDFS deployments."Matherly has also shared all the necessary steps on how to replicate the searches on Shodan search engine that users could follow inwards lodge to ship their ain investigations.
Administrators are encouraged to configure their Hadoop servers to run them inwards secure fashion yesteryear next the instructions provided yesteryear the company.
