We setup a honeypot to see how long for hackers find unsecured database
If you think leaving user data exposed online for “just a day” is no big deal, think again. We setup a honeypot to see just how quickly hackers find unsecured data.
Led by researcher Bob Diachenko, the team set out to find “If you leave a database unsecured on the web, how long does it take hackers to find and steal it?” They created a simulation of a database on an Elasticsearch instance and put fake user data inside of it. Then they left it publicly exposed to see who would connect to it and how they would try to steal, scrape, or destroy the data.
Key findings include: