Over 13K iSCSI storage clusters left exposed online without a password

April 1, 2019
http://www.zdnet.com/

Over 13,000 iSCSI storage clusters are currently accessible via the internet after their respective owners forgot to enable authentication.

This misconfiguration puts device owners at risk of serious harm, as cyber-criminal groups could access these internet-accessible hard drives (storage disk arrays and NAS devices) to replace legitimate files with malware, insert backdoors inside backups, or steal company information stored on the unprotected devices.

What is iSCSI

iSCSI stands for Internet Small Computer Systems Interface, and is a protocol for linking workstations and servers to data storage devices, such as disk storage arrays (found in data centers and large enterprises) and network-attached storage (NAS) devices (found in people’s homes and small-to-medium businesses, or SMBs).

The protocol’s main purpose is to allow an operating system to view and interact with a remote storage device as if it were a local component rather than a system reached over an IP network.

iSCSI is a core component of the modern computing industry, as it allows virtual machines (VMs) to boot from remote hard drives as if they were local devices; allows companies to centralize storage systems without breaking apps that can’t handle IP-based network storage paths; and is a crucial part of many data replication solutions.

The misconfiguration boo-boo

Naturally, because of the sensitive data these systems often contain, the iSCSI protocol supports various authentication measures, which device owners can set up to prevent unauthorized parties from connecting to their storage cluster and accessing storage drives, interacting with the data, or creating new storage drives.

But just as with many internet-connected devices, such as routers, databases, web servers, and others, a small portion of device owners have failed to follow even minimal security measures and have left their storage arrays exposed online without authentication.

This means that anyone knowing basic details about some of these systems can follow simple YouTube video tutorials and connect to these storage clusters, be they large-scale disk arrays inside a company’s data center or tiny NAS devices left in an office corner.
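The weak setting described above, next to a corrected one, as an added example that is not part of the original article: a small audit of an iSCSI target's own configuration. It assumes a Linux LIO target and the layout of its saveconfig.json file (the article names no target software); the IQNs, addresses and credentials in the sample are constructed.

```python
import json

# Constructed sample in the layout of a Linux LIO saveconfig.json (assumption:
# the article names no product). Target 1 is the weak setup, target 2 the fixed one.
SAMPLE = json.loads("""
{"targets": [
  {"fabric": "iscsi", "wwn": "iqn.2019-04.example.nas:backup",
   "tpgs": [{"tag": 1, "enable": true,
     "attributes": {"authentication": 0, "generate_node_acls": 1,
                    "demo_mode_write_protect": 0},
     "node_acls": [],
     "portals": [{"ip_address": "0.0.0.0", "port": 3260}]}]},
  {"fabric": "iscsi", "wwn": "iqn.2019-04.example.nas:vmstore",
   "tpgs": [{"tag": 1, "enable": true,
     "attributes": {"authentication": 1, "generate_node_acls": 0,
                    "demo_mode_write_protect": 1},
     "node_acls": [{"node_wwn": "iqn.2019-04.example.host:esx1",
                    "chap_userid": "esx1", "chap_password": "<placeholder>"}],
     "portals": [{"ip_address": "10.0.5.20", "port": 3260}]}]}
]}
""")

WILDCARD = {"0.0.0.0", "::"}  # portal addresses that bind every interface

def audit(config):
    """Return (target IQN, TPG tag, finding) for each weak setting found."""
    findings = []
    for target in config.get("targets", []):
        if target.get("fabric") != "iscsi":
            continue
        for tpg in target.get("tpgs", []):
            if not tpg.get("enable", False):
                continue  # a disabled portal group accepts no logins
            attrs = tpg.get("attributes", {})
            where = (target["wwn"], tpg["tag"])
            open_acl = attrs.get("generate_node_acls", 0) == 1
            if attrs.get("authentication", 0) == 0:
                findings.append(where + ("CHAP not enforced",))
                if open_acl:
                    findings.append(where + ("any initiator may log in",))
            if open_acl and attrs.get("demo_mode_write_protect", 1) == 0:
                findings.append(where + ("unlisted initiators get write access",))
            for acl in tpg.get("node_acls", []):
                if not (acl.get("chap_userid") and acl.get("chap_password")):
                    findings.append(where + ("ACL %s has no CHAP secret" % acl["node_wwn"],))
            for portal in tpg.get("portals", []):
                if portal.get("ip_address") in WILDCARD:
                    findings.append(where + ("portal listens on all interfaces",))
    return findings
```

Calling `audit(SAMPLE)` reports four findings for the first target and none for the second, which enforces CHAP, lists its one permitted initiator, and binds only a storage-network address.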

Thousands of iSCSI clusters available via Shodan

Over the weekend, penetration tester A Shadow tipped off ZDNet about this hugely dangerous misconfiguration issue. The researcher found over 13,500 iSCSI clusters on Shodan, a search engine that indexes internet-connected devices.

[Image: iSCSI systems on Shodan. Credit: http://www.zdnet.com/]

In an online conversation with ZDNet, the researcher described this iSCSI exposure as a “dangerous backdoor” that can allow cyber-criminals to plant ransomware-infected files on companies’ networks, steal company data, or place backdoors inside backup archives that may get activated when a company restores one of these booby-trapped files.

In a cursory investigation of a small sample of exposed iSCSI clusters, ZDNet found passwordless iSCSI-accessible storage systems belonging to a YMCA branch, a Russian government agency, and multiple universities and research institutes from all over the globe.

Many of the IP addresses ZDNet found to expose an iSCSI cluster were also hosting password-protected web panels for NAS devices such as Synology, suggesting these devices had been properly secured with a password for the web panel, but not the iSCSI port.

In addition to our separate investigation, A Shadow, who has spent a few days analyzing the results, said that many of these iSCSI clusters also belong to private companies, which can be ideal targets for cyber-criminal groups, and especially ransomware gangs targeting big ransom payouts.

Such systems may be a little harder to spot in Shodan search results during short lookups, but a cyber-criminal gang looking to maximize its profits will be, without a doubt, willing to thoroughly research each exposed iSCSI cluster for its next big hit.
