Do you maintain a MySQL server? If so, you’re certainly not alone. What you may not know is that according to research conducted by The Shadowserver Foundation, (a cybersecurity research group) there are literally millions of MySQL servers visible on the internet that shouldn’t be. In all, the group found more than 3.6 million MySQL servers visible on the web and using the default port, TCP port 3306.
The company noted that they did not check for the level of access possible, or the exposure of specific data. The fact remained that the server itself was visible and that alone was a security risk, regardless of any other factors.
The United States led the world in terms of total number of exposed servers, with just over 1.2 million, but there were also substantial numbers to be found in Germany, Singapore, the Netherlands, and China.
The company broke their scan down in much more detail and granularity in their report.
Here are the highlights:
- Total exposed population on IPv4: 3,957,457
- Total exposed population on IPv6: 1,421,010
- Total “Server Greeting” responses on IPv4: 2,279,908
- Total “Server Greeting” responses on IPv6: 1,343,993
- 67 percent of all MySQL services found are accessible from the internet
And here’s the bottom line: An exposed MySQL server has serious security implications that can lead to a catastrophic data breach that sees a company lose control of proprietary data or sensitive customer data.
In addition to that, it can give hackers an easy inroad to mine your network with a wide range of malware, allowing them to siphon data from you in real time and over an extended period. They can also wholesale encrypt your files and demand a hefty ransom to regain access.
None of those outcomes are good for your company, so if you’ve got a MySQL server, check to be sure it’s properly secured today.