Cloud databases: a breeding ground for ransomware

Abstract

Attackers are targeting cloud databases to trigger ransomware infections by directly taking control of the stored data. Databases are the foundational bricks allowing us to store data and provide a uniform capability so that various applications can dynamically transact data. Compromising the data provides an edge to the attackers to extract monetary gain using stolen information. In this article, we examine the root causes of ransomware infection in cloud databases and present real-world case studies of detecting ransomware infections in Elasticsearch and MongoDB cloud instances.