145 databases have been exposed to cyberattacks in the last two months


The National Cyber ​​Network has developed a scanning system for locating insecure databases, which in recent months has identified 145 databases that were exposed on the network, 16 of which contained particularly sensitive private and business information – according to data transmitted by the system to Calcalist. Following the discovery, the cyber system turned to the various organizations, and all the databases were secured and no longer exposed.

Read more in Calcalist:

The system, revealed here, was developed in an array based on open source. It scans the Israeli network regularly and is able to automatically identify databases that are not properly secured. The main purpose of the system is to identify databases that contain sensitive information such as financial data, business details, passwords and usernames, which are exposed to the network without adequate protection.

Upon identification of such a database, an analyst of the array examines the system’s findings, and if the organization that operates the database is identified, he is contacted immediately. According to the cyber array, the sensitive databases identified through the system belong to medium and large companies and included data such as customer information, business information on financial company ratings, market analysis information that includes phone numbers and access permissions to enterprise computing systems.

Cyber ​​security Photo: pixabay

“Exposed databases on the Internet are an attractive target for attackers. Many hackers search for exposed databases that contain financial information or identification information, download them, disrupt, sell them and sometimes demand ransom from the organization for their release,” said Idan Shlomo, a senior national cyber analyst who helped In system development, in a written message. “We have developed the system so that it can locate those databases in advance so that we can alert the bodies.”

The director of the National Cyber ​​Event Management Center, Lavi Stockhammer, added: “The move to work in a cloud environment, accelerated by the Corona crisis, poses new challenges for information security managers mainly around the ability to manage, monitor and detect real-time developer and infrastructure errors. “Databases in a way that will allow external parties to access them unhindered, so we are actively examining alerts to organizations to prevent the data from getting into the wrong hands ahead of time.”


Please enter your comment!
Please enter your name here