A scanning and detection system developed by the Israel National Cyber Directorate (INCD) has discovered 145 at-risk databases, 16 of them containing extremely sensitive private and business information, according to details provided to Calcalist by the government agency. Following the detection, the INCD reached out to the organizations that own and operate the weakly protected databases, and they are no longer exposed.
The system, revealed in Calcalist for the first time, was developed using open-source code. It routinely scans the Israeli internet and can automatically detect insufficiently protected databases. The system’s main goal is to identify insufficiently secured databases that contain sensitive information such as financial details, business details, usernames, and passwords.
Once such a database is discovered, an INCD analyst examines the system’s findings and, if the operator can be identified, alerts them immediately. According to the INCD, the sensitive databases identified by the system belong to medium and large companies and included details such as customer information, companies’ financial ratings, market analysis information that included phone numbers and access permissions to enterprise computing systems.
“Exposed databases are an attractive target for attackers. Many hackers search for exposed databases that contain financial information or other private data, download them, disrupt them, sell them, and sometimes even demand ransom from the organizations for their release,” Idan Shlomo, a senior INCD developer who helped develop the system, said in a written statement. “We developed the system to preemptively detect the exposed databases so the owners can be warned.”
“The shift to working on the cloud, which was expedited by the Covid-19 crisis, is creating new challenges for information security officers, especially when it comes to their ability to identify mistakes by programmers and infrastructure builders in real time,” INCD executive director Lavy Shtokhamer said. “Such errors may expose databases, enabling external actors to gain undisturbed access to them. That is why we proactively warn organizations to help them prevent allowing the data to reach the wrong people.”