3.6 Million MySQL Servers Found Exposed On The Internet
source link: https://www.theinsaneapp.com/2022/06/millions-of-mysql-servers-found-exposed-on-the-internet.html
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
3.6 Million MySQL Servers Found Exposed On The Internet
More than 3.6 million MySQL servers are publicly accessible via the Internet and are responding to requests, making them a tempting target for criminals and extortionists.
Of the accessible MySQL servers, 2.3 million of them are linked via IPv4 which is accompanied by 1.3 million devices connected to IPv6.
Although it is typical for web services and apps to connect to remote databases, however, these connections must be secured so that only authorized devices can connect to them.
In addition, exposure to public servers must be always protected by strict user guidelines including altering your default port of access (3306) as well as setting up binary logging, observing the queries, and making sure encryption is enforced.
In the last week’s scans by the cybersecurity research organization The Shadowserver Foundation, analysts discovered 3.6 million of them exposed MySQL servers running on TCP port 3306. This is the standard port. TCP 3306 port.
“While we don’t look for the degree of accessibility or exposure to particular databases, this type of exposure could be a possible attack surface that needs to be shut down,” explains the report from Shadow Server.
The nation with the highest number of easily accessible MySQL servers is the United States, surpassing 1.2 million. Other countries that have a significant number of MySQL servers are China, Germany, Singapore, Netherland, and Poland.
Heatmap of exposed MySQL servers in IPv4 (Shadow Server)
The scan results in detail are the following:
- Total exposed population on IPv4: 3,957,457
- Total exposed population on IPv6: 1,421,010
- Total “Server Greeting” responses on IPv4: 2,279,908
- Total “Server Greeting” responses on IPv6: 1,343,993
- 67% of all MySQL services found are accessible from the internet
To understand how you can securely install MySQL servers and close any security holes that could be lurking in your system, Shadow Server recommends admins to follow these tutorials
Data brokers who market stolen databases have revealed to journalists that one of the most frequent causes of data theft is insecurely secured databases. Database administrators must always secure to stop any remote access that is not authorized.
Insecure MySQL database servers could cause a catastrophic data breach, destructive attacks, ransom requests remote access trojan (RAT) infections, and even Cobalt Strike compromises.
All of these scenarios have serious implications for the affected organizations It is therefore essential to follow the proper security measures and prevent all devices visible through basic network scans.
Related Valuable Posts:
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK