A new study from the Comparitech research team, led by Bob Diachenko, found that attackers can find unprotected servers faster than search engines can index them.

Elasticsearch is a highly scalable open-source full-text search and analytics engine. It allows you to store, search, and analyze large volumes of data quickly and in near real time. It is generally used as the underlying engine that powers applications with complex search features and requirements.

Comparitech’s research team left an Elasticsearch server exposed on the Internet for 11 days. It was first probed by attackers only 8.5 hours after deployment and averaged 18 attacks per day. Before being indexed by search engines, the server was hit more than 36 times, which indicates that attackers are not waiting for servers to appear on public resources. The research company stated that some of the hits could be from security researchers looking for open servers.

Of the attacks observed, many were attempts to install a crypto miner. Other attackers tried to use old exploits to steal admin passwords, to carry out cryptojacking, or to perform a ransom-based attack.