Press "Enter" to skip to content

Posts tagged as “MongoDB”

MongoDB Ransomware Attacks Grow in Number

Evidently DevOps running MongoDB haven’t heard the word about the latest round of ransomware targeting the database, as the numbers of deployments with data being held for ransom continues to rise.

MongoDB ransomware

Last week when the news started hitting the net about ransomware attacks focusing on unprotected instances of MongoDB, it seemed to me to be a story that would have a short life. After all, the attacks weren’t leveraging some unpatched vulnerabilities in the database, but databases that were misconfigured in a way that left them reachable via the Internet, and with no controls — like a password other than the default — over who had privileges. All that was necessary to get this attack vector under control was for admins to be aware of the situation and to be ready and able to reconfigure and password protect.

Guess what? It hasn’t gone down that way — at least not so far.

On Wednesday when I wrote about this there had been about 2,000 databases attacked. By this morning, according to eWeek, over 10,000 databases have been affected. What’s more, last week it appeared as if all of the attacks were being carried out by one person or organization. Now there are at least five organizations steadily working in an attempt to turn unprotected databases into bitcoins.

Dwight Merriman Part III: Vendor Lock, Forks & Desktop FOSS

Editor’s note: This is the final installment of a three part series focusing on an interview with Dwight Merriman, co-founder of MongoDB. Part one was published last Monday as From DoubleClick to Database. Part two was published on Wednesday as Why MongoDB Embraces Open Source.

MongoDB’s Dwight Merriman and I were about thirty minutes into our conversation at All Things Open. Lunch time was approaching and I was definitely hungry. Merriman was getting a little antsy, ready to wrap it up, but there were a few more things I wanted to talk about first.

MongoDB Dwight Merriman ATO
MongoDB co-founder Dwight Merriman giving his keynote address at this year’s ATO conference.
Click to enlarge
“You said something today in your keynote address that I’d never thought about and it resonated with me,” I said. “A lot of our readers are users of open source, but not necessarily developers, not necessarily involved in the business end of open source. They run Linux. They maybe have a website or two — something along those lines.

“You mentioned how much easier it is putting together a project with open source because you can take from here and there. You talked about modularity. I’m thinking that’s not a lot different than the Linux home user who’s using modules and just doesn’t think of it in that way. He’s got his operating system, he’s got his word processor, he’s got his spreadsheet program…”

There really wasn’t a question here, just an idea to throw out for comment.

Christine Hall

Christine Hall has been a journalist since 1971. In 2001, she began writing a weekly consumer computer column and started covering Linux and FOSS in 2002 after making the switch to GNU/Linux. Follow her on Twitter: @BrideOfLinux

Breaking News: