Report: Millions of Online Databases Unsecured

Belgian computers are most exposed to hacking according to a new study, with the US in 14th place. It's all because of millions of computers having open, unsecured connections to the Internet.

Research firm Rapid7 looked at the full range of data connection services on the Internet beyond just the more familiar HTTP that most users use while browsing the web. These include FTP (file transfer protocol) SSH (secure shell for remote connections), and SMTP (simple mail transfer protocol), used for many email services.

To carry out the research, the company embarked on the massive task of scanning every "public-facing" IP address, meaning they effectively looked at as many computers and servers connected to the Internet in a way that's visible to any other user. The company then looked at which of these devices were offering unsecure service connections.

Connections Likened To Open Doors

This isn't a guarantee the device can be remotely hacked, but it may make it more vulnerable. The Guardian newspaper explained in an analogy that "An open door doesn't make a business necessarily unsafe, for example; but a business with 20 open doors is likely to be much harder to keep secure than a business with just one." (Source: theguardian.com)

The technical method behind the study is likened to pushing every door to see if it has been left open, but not looking or going inside any of the buildings.

Rapid7 gathered together the raw numbers of open service connections on devices in 50 countries. It found the figures were surprisingly disproportionate to the number of Internet-connected devices or populations. Belgium was the "most exposed" with Tajikistan second, Samoa third and Australia fourth, while Vietnam was the "safest" of the 50. (Source: rapid7.com)

Millions Of Databases Exposed

Beyond the country breakdown, the numbers of open connections by individual services also proved surprising. Around 15 million connections appeared to allow telnet connections, a technology which can give remote access to, and control of, a computer. Meanwhile, more than 11 million computer databases appeared to be available without any encryption or other access restrictions.

The company plans to repeat the study in future years to try to track improvements or deteriorations as technology changes, such as the forecast growth in unconventional devices such as sensors and thermostats being connected to the Internet.

What's Your Opinion?

Do the findings surprise you? Can you think of any explanation why these countries were the worst performers? Should tech firms do more to block unsecured connections?