Breached Records Fall 25% as Cloud Misconfigurations Soar

Written by

The number of records breached in publicly disclosed incidents fell by 25% in 2017, although leaks related to misconfigured cloud services soared, according to IBM.

The tech giant’s 2018 IBM X-Force Threat Intelligence Index reported that around 2.9 billion records were breached last year, down from a staggering four billion in 2016.

The firm claimed that cyber-criminals targeted more of their efforts during the 12 months on ransomware, which ended up costing victim organizations billions.

However, although there were fewer records stolen by cyber-thieves in 2017, more were exposed by human error relating to misconfigured cloud infrastructure, the report found.

There was a 424% jump in these incidents, which comprised 70% of compromised records tracked by IBM X-Force in 2017.

It’s debatable whether these incidents can be classed as ‘data breaches’ as in most cases there’s no evidence to suggest the information ended up in the wrong hands.

However, the security risk is obvious. Analysis from Digital Shadows released yesterday revealed 1.5 billion sensitive corporate records were exposed to the public internet through misconfigurations in the first three months of 2018 alone.

These included open Amazon Simple Storage Service (S3) buckets, rsync, Server Message Block (SMB), File Transfer Protocol (FTP) servers, misconfigured websites and Network Attached Storage (NAS) drives.

Aside from misconfigured cloud infrastructure, users tricked by phishing attacks represented one-third of “inadvertent activity” that led to a security event in 2017, IBM said.

“Malware attacks, misconfigurations and user-driven attacks are going to continue to cause companies problems, despite the emphasis being on patching and updating operating systems and applications,” commented ESET security specialist, Mark James. “So many companies have to outsource so many services that it becomes very difficult to have complete control over the security of our data, when it’s being stored on someone else’s servers."

IT companies were the most attacked (33%) last year, followed by manufacturing (18%) and then financial services (17%), which is traditionally the most commonly targeted, according to IBM.

What’s hot on Infosecurity Magazine?