The main trend among hackers in 2022 is attacks on database servers, their share in the total number of leaks was 68%, in the amount of stolen data — 83%; in 2021, data sources were mainly leaks due to the fault of unscrupulous employees, Kommersant reported, citing the DLBI data leak intelligence and darknet monitoring service.
The founder of the service, Ashot Hovhannisyan, explained that hackers gain access to servers by infecting the workplaces of IT specialists with malware that helps steal passwords and session cookies, by searching for and exploiting vulnerabilities in remote access systems, as well as in the SQL servers themselves. or CMS (content management systems).
Group-IB confirmed this trend: according to the company, in 2022 the number of unprotected databases in Russia increased by 37% and reached 7400. Fedor Chunizhekov, an analyst at the Positive Technologies research group, noted that the reason for this is the insufficient attention of developers, administrators and architects of databases to security, vulnerabilities in the products used and misconfiguration. Database servers are often configured with default security settings, which can lead to a leak, he says.
Oganesyan noted that the stolen data is used for experimental database enrichment and phishing. According to the company, in the first half of the year, the volume of leaks of valuable data increased to 61 million unique records from 6 million records in the same period in 2021. The number of stolen non-unique data reached 2.4 billion by July.
Subscribe to Vedomosti on Telegram and stay up to date with the main economic and business news