MongoDB Ransom Attacks has hit 27,000 Systems in few hours from 12000 impacted servers .
Most of the mongoDB installations are exposed to exploites due to poor default access controls for super users .
Hackers are accessing MongoDB databaases and then copy and delete data from database running in default, unsecure configuration. In return of data administrators are being asked to pay ransom money by bitcoins.
What Can mongoDB DBA’s Do ?
-
Follow Frank Harding’s Quick Steps to Secure mongoDB
-
Follow mongoDB Security Check List to review and secure your mongoDB installation and implement the security measures immidiately
- Enable Access Control and Enforce Authentication
- Configure Role-Based Access Control
- Encrypt Communication
- Encrypt and Protect Data
- Limit Network Exposure
- Audit System Activity
- Run MongoDB with a Dedicated User
- Run MongoDB with Secure Configuration Options
- Request a Security Technical Implementation Guide (where applicable)
- Consider Security Standards Compliance
- Follow the events and details on this issue by Victor Gevers on Twitter :