back to article Insecure Hadoop installs next in 'net scum crosshairs

Rinse-and-repeat ransomware attacks on data services left unsecured by dozy sysadmins are now hitting Hadoop instances. Fidelis Cybersecurity reckons it's started observing the attacks, which seek out default installations of the big data darling, copy and then wipe Hadoop instances and then demand a ransom for return of …

Silver badge

Conclusions

"... claiming that almost all the scans came from just two IP addresses in China. As the post notes, however: “it's important not to jump to conclusions about the attacker's location simply by looking at an IP address."

Is it fairly easy for someone outside of China to set up a VPN service inside China and then use it to transfer large amounts of data from outside China to the VPN server and then back out to their own location?

1
0
Anonymous Coward

Re: Conclusions

Traditionally you wouldn't do this over a VPN or similar. Instead you'd hack some random servers and run the scanner on them.

0
0
Silver badge

Comments about dozy sysadmins are probably overstating things. It assumes there are sysadmins in any sense we'd recognise.

"We went to teh Cloudz to bypass our own IT because they're so fussy about things. Why do they make stuff so complicated?"

Now you know.

3
0

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Forums

Biting the hand that feeds IT © 1998–2018