michelangelus - Fotolia
Researchers found a huge increase in MongoDB databases being hijacked due to poor authentication, escalating from hundreds of attacks to over 28,000. Researchers estimate there are anywhere from 48,000 to 99,000 MongoDB configurations at risk for attack. What was the issue with these MongoDB instances? How can organizations properly configure their databases to protect them from these attacks?
Relational databases have a long history of security risks and challenges, and they have matured to include significant security-related capabilities. There are detailed guides for how to secure these databases, but many are still insecurely configured by default.
Relational databases have decreased in popular attention because of the cost and complexity involved, as well as the growing development of NoSQL databases.
One of the newer NoSQL databases, MongoDB has been in the news for poor security practices. The default configuration for MongoDB databases is insecure, as no authentication is required to access the database, enabling anyone to establish a connection as a privileged user.
The MongoDB developers made the same mistake the Redis NoSQL database developers made in 2016. Reviewing the Shoulders of Infosec Project may help them learn a little about how security has developed over the last 40 years to minimize the chance they repeat the same mistakes from 40 years ago, much less mistakes similar projects made.
Organizations can minimally secure their MongoDB databases by using the security documentation and checklist. The effectiveness of MongoDB's Security Technical Implementation Guide is limited, as developers need to manually request access to it. The documentation and checklist are very high level and must be configured manually, since the default configuration of MongoDB is not something that should be used outside of closed trusted networks. The company even says in a security webinar that it is dereliction of duty to not use their security checklist.
It is unclear why MongoDB databases can be configured so insecurely. It is also unclear how security requirements are included in software development for the MongoDB project.
Learn how a MongoDB database misconfiguration led to the exposure of millions of accounts
Compare the benefits of SQL and NoSQL database designs
Find out how to select the best operational database management system for your enterprise
Dig Deeper on Data security breaches
Related Q&A from Nick Lewis
Sophos researchers believe the SamSam ransomware campaign could be the work of one or a few threat actors using manual techniques. Learn how it works... Continue Reading
The hacking group Magecart was recently found to have run a card skimming campaign that put customer information at risk. Learn how this attack ... Continue Reading
A new version of GandCrab was discovered by researchers in July 2018 and involves the use of legacy systems. Learn how this version differs and who ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.