Many attacks are directed at databases, and lately a great number of them have targeted the popular MySQL database server. The attacks rely on brute-forcing or guessing the root password. Once the attacker gets in, they add a new table called ‘WARNING’ that holds contact details for a ransom payment. The ransom note usually reads as ‘PLEASE_READ’. Once this is done, the attacker deletes all the databases on the server. The ransom note demands that you pay a specified amount in Bitcoin to have the deleted data restored.
Needless to say, this is a nightmare for every victim. What’s more, there is no guarantee that the attacker has copies of the deleted files. The only way to defend yourself from such ransom demands is to secure your database. If the worst happens and you are attacked, make sure you verify that the attacker has the data before you pay the ransom. Below are some of the things you should consider doing to defend yourself from such practices.
Backing up is a no-brainer. It is very important to create a backup of your website. A backup not only gives you a fresh copy in case your server is compromised by hackers, it also lets you restore your system if you lose all your data. There are many tools and experts you can turn to for DBA services. Make sure that your database is backed up regularly and that the backups are not kept on the same server.
The second thing you have to do is minimize your database exposure. Start by making sure that you don’t rely on the default settings. Hackers know that most administrators don’t take the time to change the defaults when setting up a database, so they focus on those defaults, which makes it very easy for them to break in. During setup, you have to rename or delete all the default settings. Start by changing the port number. You must also rename the default system account. Next, disable or remove everything that you will not be using. By doing this, you become less predictable, which makes an attack on your SQL server more difficult.
The greater the number of people who have access to your server, the higher the risk of an attack. To start with, don’t use shared user accounts for administrators. Create a dedicated account for each administrator, and require every administrator to use their personal account. The best security practice is to create a separate service account with a descriptive name for every application that works with the SQL server. This reduces exposure.
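The checks and account changes from the two paragraphs above, written as MySQL statements. This is an added example, not part of the original article: the account names, host addresses, the `billing` schema and the password placeholders are constructed, and treating ‘WARNING’ and ‘PLEASE_READ’ as possible table or schema names is an assumption.

```sql
-- Added example. All account names, hosts, schemas and secrets are placeholders.

-- 1. Look for the ransom artifacts named in this article (assumed to appear
--    as table or schema names).
SELECT table_schema, table_name, create_time
FROM information_schema.tables
WHERE UPPER(table_name)   IN ('WARNING', 'PLEASE_READ')
   OR UPPER(table_schema) IN ('WARNING', 'PLEASE_READ');

-- 2. Exposure review: which port and interface the server listens on.
--    Both are changed in the server option file, not from SQL.
SHOW VARIABLES WHERE Variable_name IN ('port', 'bind_address');

-- 3. Accounts that are anonymous, still called root, or usable from any host.
SELECT user, host, plugin, account_locked
FROM mysql.user
WHERE host = '%' OR user IN ('root', '');

-- 4. Before renaming the default account, find stored routines that run
--    under its identity; they must be redefined or they will stop working.
SELECT routine_schema, routine_name
FROM information_schema.routines
WHERE definer = 'root@localhost';

-- 5. Rename the default administrative account.
RENAME USER 'root'@'localhost' TO 'dba_alice'@'localhost';

-- 6. One personal account per additional administrator, restricted to the
--    management subnet and forced to set a new password at first login.
CREATE USER 'dba_bob'@'10.0.0.%'
  IDENTIFIED BY 'REPLACE_WITH_GENERATED_SECRET' PASSWORD EXPIRE;
GRANT ALL PRIVILEGES ON *.* TO 'dba_bob'@'10.0.0.%' WITH GRANT OPTION;

-- 7. One descriptively named service account per application, bound to the
--    application host and to its own schema. It holds no DROP or CREATE
--    privilege, so it cannot drop the schema or add tables.
CREATE USER 'svc_billing_web'@'10.0.0.21'
  IDENTIFIED BY 'REPLACE_WITH_GENERATED_SECRET';
GRANT SELECT, INSERT, UPDATE, DELETE
  ON billing.* TO 'svc_billing_web'@'10.0.0.21';

-- 8. Confirm what each new account can actually do.
SHOW GRANTS FOR 'svc_billing_web'@'10.0.0.21';
```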
Other things you need to do to fend off attacks are to patch the SQL server regularly, keep track of how your database is doing, and keep up with trends in database security.