Over 13K iSCSI storage clusters left exposed online without a password

guest · Apr 1, 2019

Over 13K iSCSI storage clusters left exposed online without a password
New attack vector opens backdoor inside enterprise disk storage arrays and people's NAS devices
April 1, 2019
https://www.zdnet.com/article/over-...sters-left-exposed-online-without-a-password/

The protocol's main purpose is to allow an operating system to view and interact with a remote storage device, as if it was a local component, instead of an IP-based accessible system.

But just like in the case of many internet-connected devices, such as routers, databases, web servers, and others, there is that small portion of device owners who failed to follow a minimum of security measures, and have left their storage arrays exposed online without authentication.
THOUSANDS OF ISCSI CLUSTER AVAILABLE VIA SHODAN
Over the weekend, penetration tester A Shadow tipped ZDNet about this hugely dangerous misconfiguration issue. The researcher found over 13,500 iSCSI clusters on Shodan, a search engine that indexes internet-connected devices.

In addition to our separate investigation, A Shadow, who has spent a few days analyzing the results, said that many of these iSCSI clusters also belong to private companies, which can be ideal targets for cyber-criminal groups, and especially ransomware gangs targeting big ransom payouts.
Click to expand...

Log in or Sign up

Over 13K iSCSI storage clusters left exposed online without a password

guest Guest

Log in or Sign up

Over 13K iSCSI storage clusters left exposed online without a password

guest Guest

Useful Searches