Elasticsearch databases are being hit hard by ransom attacks TechRadar Skip to main content TechRadar is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Here's why you can trust us. Elasticsearch databases are being hit hard by ransom attacks By Sead Fadilpašić last updated 2 June 2022 Hundreds of Elasticsearch databases were wiped (Image credit: Shutterstock / binarydesign) Audio player loading… Hundreds of misconfigured Elascticsearch databases were recently hit by ransom attacks (opens in new tab), security experts have found. Cybersecurity researchers from Secureworks have uncovered 450 databases whose contents have been wiped, and in their place, a ransom note left. The ransom note demands $620 per database, to restore the contents, adding up to a total of $279,000. Paying victims will receive a download link for their database (opens in new tab), which should help them restore the data structure quickly, the attackers claim. (opens in new tab) Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022 (opens in new tab). Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at the end of this survey (opens in new tab) to get the bookazine, worth $10.99/£10.99. The victims have a total of seven days to pay up, otherwise the ransom demand will double. If the victims fail to meet the extended deadline, they can expect never to see their data again. Backing up But BleepingComputer believes chances are - the victims will never see their data again, regardless of if they make the payment, or not. Apparently, it's both practically and financially unfeasible for the attackers to keep all this data stored somewhere. Chances are, they probably deleted all of it anyway, and are now just trying the victims out to see who'll pay up anyway. The entire attack was fully automated, the researchers believe. Using an automated script, they parsed unprotected databases, wiped the data, and added the ransom note. As usual, the demand is to be paid in bitcoin, and so far, one payment has been made, the publication confirmed. Read more> Thousands of mobile app cloud databases have been left exposed online (opens in new tab) > Microsoft Azure bug left a bunch of cloud databases wide open (opens in new tab) > Sega left a huge database of user information open to hackers (opens in new tab) Paying the ransom demand is never advised. There's no guarantee the victims will get their data back, be it partially, or completely. It also motivates the attackers to keep the campaign going. The victim could be struck again, either by the same threat actor or by an entirely different one. Instead, businesses are advised to protect their endpoints with ransomware protection services, set up a firewall (opens in new tab), educate their employees on the dangers of phishing, and make sure they keep all of their software and hardware up-to-date. Last, but definitely not least, businesses should ensure a strong, and regularly updated, backup solution.Keep your devices secure with the best malware removal services right now (opens in new tab) Via: BleepingComputer (opens in new tab) Sead Fadilpašić Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he's written for numerous media outlets, including Al Jazeera Balkans. He's also held several modules on content writing for Represent Communications. See more Computing news Are you a pro? Subscribe to our newsletter Sign up to theTechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Thank you for signing up to TechRadar. You will receive a verification email shortly. There was a problem. Please refresh the page and try again. MOST POPULARMOST SHARED1Amazon Prime members can get a great Lord of the Rings game for free this month2Canon's next mirrorless camera could be too cheap for its own good3PC gamers are shunning high-end GPUs – spelling trouble for the Nvidia RTX 40904A whole new breed of SSDs is about to break through5There's finally a fix to this serious Microsoft Teams problem1PC gamers are shunning high-end GPUs – spelling trouble for the Nvidia RTX 40902IT pros suffer from serious misconceptions about Microsoft 365 security3Canon's next mirrorless camera could be too cheap for its own good4Con le RTX 4000 ho capito che Nvidia ha perso la testa5A whole new breed of SSDs is about to break through Technology Magazines (opens in new tab)● (opens in new tab)The best tech tutorials and in-depth reviewsFrom$12.99 (opens in new tab)View (opens in new tab)