Insecure Hadoop Clusters Disclose Over 5,000 Terabytes Of Data

Until end year, cyber criminals were alone targeting computers of individuals too organisations amongst ransomware too asset them for ransom, but thus they started targeting unprotected online databases too servers only about the footing for ransom every bit well.

Earlier this year, nosotros saw notorious incidents where tens of thousands of unprotected MongoDB too Elasticsearch databases were hacked too held for ransom inwards central of the information the hackers had stolen too deleted from the poorly configured systems.

Now, cyber crooks convey started targeting unprotected Hadoop Clusters too CouchDB servers every bit well, making the ransomware game nastier if your servers are non securely configured.

Nearly 4,500 servers amongst the Hadoop Distributed File System (HDFS) — the principal distributed storage used past times Hadoop applications — were constitute exposing to a greater extent than than 5,000 Terabytes (5.12 Petabytes) of data, according to an analysis conducted using Shodan search engine.

This exposure is due to the same consequence — HDFS-based servers, generally Hadoop installs, haven't been properly configured.

The Hadoop Distributed File System (HDFS) is a distributed file scheme that is beingness designed to shop vast information sets reliably too to flow those information sets at high bandwidth to user applications.

Like other Hadoop-related techs, HDFS has transcend a principal tool for managing large clusters of information too supporting large information analytics applications.

In a spider web log post, Shodan Founder John Matherly revealed that spell the focus had been on MongoDB too Elasticsearch databases exposed on the Internet, Hadoop servers turned out to live "the existent juggernaut."

Although MongoDB has over 47,800 servers exposed on the Internet that exposes 25TB of data, Hadoop has only 4,487 servers inwards full but exposes a considerably higher sum of information of to a greater extent than than 5,000TB.

Most of the Hadoop servers that expose information on the Internet are located inwards the U.S. of A. (1,900) too Red People's Republic of China (1,426), followed past times Deutschland (129) too Republic of Korea (115).

H5N1 bulk of the HDFS instances are hosted inwards the cloud amongst Amazon Web Services leading the accuse amongst 1,059 instances too Alibaba amongst 507.

While nosotros saw ransom attacks aimed at unprotected MongoDB too Elasticsearch databases end year, Matherly said those attacks convey non been stopped too are withal targeting CouchDB too Hadoop servers.

"The ransomware attacks on databases that were widely publicised before inwards the twelvemonth are withal happening," says Matherly. "And they're impacting both MongoDB too HDFS deployments."

Matherly has also shared all the necessary steps on how to replicate the searches on Shodan search engine that users could follow inwards lodge to behave their ain investigations.

Administrators are encouraged to configure their Hadoop servers to run them inwards secure trend past times next the instructions provided past times the company.

Share This :