In our previous blog, we explained what open directories are and how they can result in a data leak. As mentioned there, we conducted research into the risks of open directories ourselves, to see the extent of the problem. We’ll go into the method and preliminary results of that research here, while leaving the most telling examples and conclusions for our webinar on Wednesday 1 December.
For the research, we used a combination of Shodan and our own Attack Surface Management (ASM) platform. Shodan is a search engine for internet-connected devices, in the broadest sense of the term. Our ASM platform automatically detects and maps an organisation's digital assets by looking from the outside in. All assets are scanned for digital risks and scored accordingly, helping IT professionals prioritise the most pressing vulnerabilities in their systems.
Our main goal was to research the extent of open directories and the risk they pose, and analyse them for misconfigurations and exposed confidential data. Naturally, upholding the confidentiality of (exposed) data was a priority throughout the entire research.
We split the process into smaller parts:
- Check for exposure of open directories;
- Collect and process data;
- Analyse the data;
- Correlate the findings.
Overall, we found 475,537 open directories during the two-month research period. As each of those directories holds a number of folders and files, the total number of exposed files reaches well over 10 million.
Naturally, results varied geographically depending on internet use. In our research, the US had the most detected open directories: 171,587, compared to 39,447 from Germany, the runner-up in the list. After those two, results in the top 10 varied far less, with an average of 17,132 detected open directories from countries ranging from Canada to Japan. That is still a lot of individual files vulnerable to data leaks. We will cover some of the most remarkable findings from different countries in more detail during the webinar.
We also detected various file types in the open directory data dumps. There were .zip files, as well as .sql, .tar, .gz, .md, .backup, and more. These data dumps are massive, with some of the compressed folders holding over 30GB of data.
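To check a listing page saved from your own web server for the file types named above, the following added example (not code from the research or the ASM platform) parses a directory index and flags matching entries. The Apache-style "Index of" title check, the sample listing, and the names `ListingParser` and `audit_listing` are assumptions made for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import unquote

# File types the article reports finding in open-directory data dumps.
RISKY_SUFFIXES = (".zip", ".sql", ".tar", ".gz", ".md", ".backup")

# Constructed sample: an Apache-style "Index of" page, not real data.
SAMPLE_LISTING = """<html><head><title>Index of /files</title></head><body><pre>
<a href="?C=N;O=D">Name</a>
<a href="/">Parent Directory</a>
<a href="logo.png">logo.png</a>
<a href="db_export.SQL">db_export.SQL</a>
<a href="site%20backup.tar.gz">site backup.tar.gz</a>
<a href="README.md">README.md</a>
<a href="old/">old/</a>
</pre></body></html>"""

class ListingParser(HTMLParser):
    """Collects the page title and link targets of a directory-listing page."""

    def __init__(self):
        super().__init__()
        self.title, self.hrefs, self._in_title = "", [], False

    def handle_starttag(self, tag, attrs):
        if tag == "title":
            self._in_title = True
        elif tag == "a":
            href = dict(attrs).get("href")
            if href:
                self.hrefs.append(href)

    def handle_endtag(self, tag):
        if tag == "title":
            self._in_title = False

    def handle_data(self, data):
        if self._in_title:
            self.title += data

def audit_listing(html):
    """Return (looks_like_open_directory, file entries matching RISKY_SUFFIXES)."""
    parser = ListingParser()
    parser.feed(html)
    is_listing = parser.title.strip().lower().startswith("index of")
    # Skip sort links ("?..."), parent/absolute links and sub-directories ("name/").
    names = [unquote(h) for h in parser.hrefs
             if not h.startswith(("?", "/", "../")) and not h.endswith("/")]
    flagged = [n for n in names if n.lower().endswith(RISKY_SUFFIXES)]
    return is_listing, flagged
```
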
What to expect from the webinar
In addition to extensive data dumps, we were able to detect other types of data, such as leftover files and exports. Our Security Analyst Soufian El Yadmani will go over these types of findings and the different types of critical data they hold.
After examining the different kinds of data leaks and establishing the level of risk that open directories pose, we will conclude our webinar with some tips and tricks. How can you prevent similar data leaks at your organisation? Our CISO Vincent Thiele will share his insights and best practices.