New Threat Research: Uncovering Adversarial LDAP Tradecraft

Read Threat Research

Search

Unsecured Database Exposes Honda’s Network

An open ElastiSearch database was found that exposed a huge amount of information on the global network of the automotive giant Honda. It showcases potential security issues that could be exploited by attackers. The misconfigured database contains around 134 million documents, about 40 gigabytes worth of information, on roughly 300,000 Honda employees worldwide. According to researchers, the information appeared to be something like an inventory of all of Honda’s internal machines. The exposed information included information such as machine hostnames, MAC addresses, internal IP addresses, operating system versions, which security patches have been applied and the status of Honda’s endpoint security software. The exposed information also included very specific data on Honda’s employees such as names, email addresses, last logins, and security information on their individual computer systems. Other information contained appears to be around 3,000 computers that do not use an endpoint security software program. The exposed employees included users of all levels to include executive officers of Honda. If an attacker was looking to damage Honda, this database would provide them with everything necessary to perform malicious actions. After Honda was notified of the database, they secured the information and is working to verify that this does not ever happen again.

Analyst Notes

Organizations that use third-party controlled databases should ensure that proper security precautions are being used. Routine security checks should be carried out regularly to make sure that things are up to date and secure.