500,000 database servers with no protection

Nov 14, 2007 10:34 GMT

Security researcher David Litchfield from the UK conducted a new study to find out how many of the database servers reachable on the Internet are protected against hackers and web attacks. The results are shocking: almost 500,000 servers with no protection, running Microsoft SQL Server and Oracle. Because vulnerabilities are discovered in these products every once in a while, a hacker would find it pretty easy to infiltrate an affected system and steal users' data, since there is no firewall or other similar security solution in front of it. According to Computerworld UK, the researcher chose approximately 1 million random IP addresses and scanned the ports usually used by SQL Server and Oracle. "He found 157 SQL servers and 53 Oracle servers," Computerworld wrote.

"There are approximately 368,000 Microsoft SQL Servers... and about 124,000 Oracle database servers directly accessible on the Internet. It's terrible. We all run around like headless chickens following these data breach headlines... organisations out there really don't care. Why are all these sites hanging out there without the protection of a firewall?" security researcher and managing director of NGSSoftware, David Litchfield, told the same source.

The Internet is no longer a safe place, and we all know it, since hackers are attempting to steal every piece of information stored on your computer. A database server is even more attractive to attackers because it hosts details about numerous users, which could easily help a hacker reach his goals.

So, is there anything to do to remain protected? Not much, I would say, because you can easily defend your data by installing one of the hundred firewalls available out there. In addition, you can easily keep your technologies up to date with the latest patches, as new vulnerabilities and security glitches are discovered and published on the web every day.