Is your hard drive exposed online?
Over 13,500 internet-connected storage devices have been exposed online by users who failed to set access passwords for them, it emerged last week.
The affected drives all use the Internet Small Computer Systems Interface (iSCSI), which is an implementation of the older SCSI interface that connected disk drives directly to computers.
iSCSI, which was standardised in 2000, enabled that protocol to operate over IP connections so that devices could connect to drives across local area networks, or wide-area connections including the general internet.
Today, people use iSCSI to connect to a range of devices including the kinds of network-attached storage (NAS) drives that you’d find in a small office, and larger banks of network storage devices in datacentres.
iSCSI is also a common way for computers to connect to virtual machines (VMs). These are software files containing entire operating systems that run on a thin layer of software rather than directly on a physical server, making it possible to run many of them on a single computer at once. VMs are the basis for modern cloud computing, which relies entirely on virtualised resources.
Here’s the problem with putting things on the internet, though: they’re usually easy to find and connect to. If you put something like an iSCSI device online and then fail to secure it with login credentials, it’s publicly available for anyone to access.
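As an added example (not part of the original article), this Python script audits a storage server's own configuration for the condition described above: a target that accepts logins without credentials. It assumes a Linux LIO target whose settings follow the targetcli saveconfig.json layout, with CHAP as the login mechanism; the field names, target names and sample configuration are assumptions constructed for illustration.

```python
import json

# Constructed sample in the (assumed) layout of a targetcli saveconfig.json.
SAMPLE = json.loads("""
{"targets": [
  {"fabric": "iscsi", "wwn": "iqn.2019-04.example:open",
   "tpgs": [{"tag": 1, "enable": true,
     "attributes": {"authentication": 0, "generate_node_acls": 1},
     "node_acls": [],
     "portals": [{"ip_address": "0.0.0.0", "port": 3260}]}]},
  {"fabric": "iscsi", "wwn": "iqn.2019-04.example:locked",
   "tpgs": [{"tag": 1, "enable": true,
     "attributes": {"authentication": 1, "generate_node_acls": 0},
     "node_acls": [{"node_wwn": "iqn.2019-04.example:host1",
                    "chap_userid": "host1",
                    "chap_password": "constructed-secret"}],
     "portals": [{"ip_address": "10.0.0.5", "port": 3260}]}]}
]}
""")

WILDCARDS = {"0.0.0.0", "::"}  # portal addresses that bind every interface


def audit(config):
    """Return sorted (target, tpg, finding) tuples for risky iSCSI settings."""
    findings = []
    for target in config.get("targets", []):
        if target.get("fabric") != "iscsi":
            continue
        for tpg in target.get("tpgs", []):
            if not tpg.get("enable", False):
                continue  # a disabled portal group accepts no logins
            attrs = tpg.get("attributes", {})
            auth = int(attrs.get("authentication", 0))    # 1 = CHAP enforced
            demo = int(attrs.get("generate_node_acls", 0))  # 1 = any initiator name
            where = (target["wwn"], tpg.get("tag"))
            if demo and not auth:
                findings.append(where + ("any initiator can log in without credentials",))
            for acl in tpg.get("node_acls", []):
                if not (acl.get("chap_userid") and acl.get("chap_password")):
                    findings.append(where + (f"ACL {acl['node_wwn']} has no CHAP secret",))
            for portal in tpg.get("portals", []):
                if portal.get("ip_address") in WILDCARDS:
                    findings.append(where + ("portal listens on every interface",))
    return sorted(findings)


if __name__ == "__main__":
    for wwn, tag, finding in audit(SAMPLE):
        print(f"{wwn} tpg{tag}: {finding}")
```

An empty result from audit() means none of these three settings was found in the file; it does not replace restricting port 3260 at the firewall.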