Over 13,000 iSCSI storage clusters are currently accessible via the internet after their respective owners forgot to enable authentication. From a report: This misconfiguration has the risk of causing serious harm to devices’ owners, as cyber-criminal groups could access these internet-accessible hard drives (storage disk arrays and NAS devices) to replace legitimate files with malware, insert backdoors inside backups, or steal company information stored on the unprotected devices. […] Over the weekend, penetration tester A Shadow tipped ZDNet about this hugely dangerous misconfiguration issue. The researcher found over 13,500 iSCSI clusters on Shodan, a search engine that indexes internet-connected devices. In an online conversation with ZDNet, the researcher described this iSCSI exposure as a “dangerous backdoor” that can allow cyber-criminals to plant ransomware-infected files on companies’ networks, steal company data, or place backdoors inside backup archives that may get activated when a company restores one of these booby-trapped files.

Read more of this story at Slashdot.

Source: Slashdot – Over 13K iSCSI Storage Clusters Left Exposed Online Without a Password