Jan 18, 2017
This past week, a widely-reported ransomware attack was carried out against tens of thousands of MongoDB databases, and the attackers also targeted several hundred Elasticsearch instances for good measure. Those affected were given a distressing ultimatum: pay Bitcoin to the attackers, or have their data deleted. To add further insult, many who paid the ransom did not even receive their data in return.

If you're a Bonsai customer, rest assured: your clusters are perfectly safe.

This particular attack targeted databases that were exposed to the internet with no authentication at all. Attackers crawled public IP addresses en masse in order to find such services. By automating the collection, probing, and attack of MongoDB and Elasticsearch instances, they were able to ransom a significant amount of data in a very short amount of time.

As anyone with a public-facing SSH service on port 22 can attest, this kind of attack is not uncommon. With services that can automate the scanning of the entire IPv4 space, managing the security of your data is an ongoing concern for anyone hosting such services. And, unfortunately, most people are not particularly good at this kind of operational security.

At Bonsai, it's our job to anticipate these kinds of problems, and to make opinionated architectural design decisions to help prevent them. Here's a small sample:
We have also previously published a detailed blog entry covering a few other tidbits about how we handle security for Elasticsearch, if you're interested in some light reading on the subject.

This most recent attack underscores that one of the most important things our users can do to protect their data is to treat the cluster URL like a password. The URL embeds your cluster's credentials, so it is sensitive information, and access to it should follow the principle of least privilege: keep it out of source control, client-side code, and logs, and give it only to the services that actually need to talk to the cluster. We also provide the option of rotating the randomly-generated credentials, which users should do regularly (and especially if there is reason to suspect that their full URL has been leaked). For detailed information about your cluster URL, see our thorough documentation here:
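As an added illustration of the "treat the cluster URL like a password" advice (this is example code written for this post, not Bonsai's own client or tooling), the following helper reads the cluster URL from an injected environment variable, refuses URLs that are unencrypted or carry no credentials, and produces a redacted form that is safe to write to logs and error messages. The environment variable name `BONSAI_URL`, the sample URL, and the 16-character minimum password length are assumptions for the example, not values taken from the documentation.

```python
from urllib.parse import urlsplit, urlunsplit

# Constructed sample value for the example; not a real Bonsai cluster URL.
SAMPLE_URL = "https://abc123xyz:s3cr3tp4ssw0rd1234@example-1234567.us-east-1.bonsaisearch.net:443"

# Assumed local policy: generated passwords are long, so anything shorter
# was probably typed by a human and should be replaced with a generated one.
MIN_PASSWORD_LENGTH = 16


def split_credentials(url):
    """Return (username, password, url_without_credentials).

    The credential-free URL is what should go into connection-pool names,
    metrics tags and exception messages; the secret stays in the tuple.
    """
    parts = urlsplit(url)
    if parts.username is None:
        return None, None, url
    host = parts.netloc.rpartition("@")[2]  # keeps host and port exactly as written
    bare = urlunsplit((parts.scheme, host, parts.path, parts.query, parts.fragment))
    return parts.username, parts.password, bare


def redact_cluster_url(url):
    """Mask the password so the URL can be logged as user:***@host."""
    username, password, bare = split_credentials(url)
    if password is None:
        return url
    parts = urlsplit(bare)
    return urlunsplit((parts.scheme, f"{username}:***@{parts.netloc}",
                       parts.path, parts.query, parts.fragment))


def check_cluster_url(url):
    """Return a list of policy violations; an empty list means the URL is acceptable."""
    problems = []
    parts = urlsplit(url)
    if parts.scheme != "https":
        problems.append("scheme is not https: credentials would travel in cleartext")
    if parts.username is None or parts.password is None:
        problems.append("no credentials in URL: an unauthenticated endpoint is "
                        "exactly what the attackers scanned for")
    elif len(parts.password) < MIN_PASSWORD_LENGTH:
        problems.append(f"password shorter than {MIN_PASSWORD_LENGTH} characters: "
                        "use the generated credentials, not a hand-chosen one")
    return problems


def load_cluster_url(environ, name="BONSAI_URL"):
    """Read the cluster URL from an injected secret, never from source code.

    `environ` is passed explicitly so the function is testable offline;
    pass `os.environ` in production.  Any error message carries only the
    redacted URL, so a failed startup never leaks the password into logs.
    """
    url = environ.get(name)
    if not url:
        raise KeyError(f"{name} is not set; inject it as a secret, do not hard-code it")
    problems = check_cluster_url(url)
    if problems:
        raise ValueError(f"{name} rejected ({redact_cluster_url(url)}): " + "; ".join(problems))
    return url


if __name__ == "__main__":
    # Stand-in for os.environ so the example runs without a real cluster.
    url = load_cluster_url({"BONSAI_URL": SAMPLE_URL})
    user, password, bare_url = split_credentials(url)
    print("connecting to", redact_cluster_url(url))
    # Hand `bare_url` plus (user, password) to your HTTP client's auth option
    # rather than passing the full URL around the code base.
```

Splitting the credentials out of the URL at the edge means the rest of the application only ever sees the bare endpoint, which makes an accidental leak through a stack trace, a metrics label or a debug log far less likely; rotating the credentials then only requires updating the injected secret.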
We take security very seriously and are constantly monitoring for and responding to potential threats. It would be much easier to design an architecture that pushed some of these decisions onto our customers. But we know that our customers appreciate our service because of the opinionated expertise that we integrate directly into our systems. We take every precaution and are opinionated about our infrastructure as a result.

Hopefully you've found this insightful, both for a few specific design points and policies, and for the overall sense of responsibility and design philosophy with which we approach the design of our service.

If you ever have any concerns or questions about how we're keeping your data safe, or what you can do to beef up your own security, please don't hesitate to reach out!