on the risk of online market leakage

Posted by santillano at 2020-03-11

A kind of





1. How was the network disk leaked?

Baidu online disk is the most widely used one in China. Today we will talk about how Baidu online disk leaks. The mechanism of online disk is upload, storage, private sharing and public sharing. These functions seem very simple, but private sharing requires a separate password to access, This kind of private sharing is relatively high and public sharing is public, but it can't be known without knowing the sharing address. Speaking of this, we certainly don't have a chance for private sharing, and public sharing gives many people who scan online disks maliciously the opportunity, such as the following channels.

In this channel, add some keywords, such as company name, product name, or internal file, financial report, database, etc., and you can find a lot of data of related enterprises. A simple leak is easy to find.

2. Leaked how to be found by these platforms?

There are several platforms mentioned above, so how does this platform find relevant and fully open shared files to be scanned?

1. When sharing, it is sent to the Internet forum or some public chat groups, which are collected by crawlers

2. This is the key point, which is also the method used by most sharing search platforms

18 years ago, the share was seven random

For example, if his sharing path is 1c921j8, we randomly change the number 1 in it to 1c927j8, and change the number 1 in the middle to 7, we can also see the file content that others share publicly

So the logic in this is easy to understand, because the sharing volume of Baidu online disk is too large. The seven digit random 26 English letter size plus 0-9 numbers can be compiled at will for blasting scanning to open sharing files, so as to share and scan online disk files. However, this is a long-term accumulation process, and the data volume of many online disk sharing platforms is not large Because Baidu also has its own risk control strategy

3. What are the threats and risks found?

We started to search the sensitive information of some companies and enterprises through a platform with a large amount of online disk sharing content. We found that there are a large number of core confidential information leaks of enterprises, such as the following

1. Leakage of internal competitive materials

2. Internal mail backup content disclosure

The good things that can be recovered in the mail are beyond words. I know it

3. Router password and server password

4. The fourth is the direct user data or database

Because of sensitive information, I dare not download it, and a large number of hackers have been found to share it with a relatively fresh social work library

This paper introduces four familiar data types, and how to deal with such a threat?

4. Find out the source of leakage in time and strengthen the risk education of online disk sharing

1、 How to find out who shared it in the first time after the leak happened and was detected?

For the first method, please refer to the method of sharing by sister Ann (click the original)

1. Go to locate the information of the sharer. If the sharer's ID is not encrypted, you may find the sharer (encrypted, there is also a way to find me!)

2. Look at the scope of internal sharing documents. If the on-the-job employees contact and warn as soon as possible, if they are not on the job, your legal department should know more about the process

3. If you really can't find this person, you can contact legal to open the process for the online disk to share this information to close

2、 How to prevent this kind of online disk sharing?

1. Add the monitoring point of the network disk software of the office computer to prohibit the download and use of the cloud disk on the working computer

2. Increase the monitoring and blocking of network disk sharing on enterprise office network traffic

3. Strengthen external risk scanning

Would you like to order a compliment before you leave?