Cloud Exposes SMBs to Attack as Human Error Grows

SMBs are increasingly seeing the same kinds of cyber-attacks as their larger counterparts as cloud and web-based applications help to close the gap between the two, according to Verizon.

The vendor’s annual Data Breach Investigations Report is compiled from an analysis of 32,002 security incidents and 3950 confirmed breaches.

The report claimed that smaller businesses comprised just over a quarter (28%) of the total number of breaches.

However, more telling was the alignment of top breach-related threats: phishing came top for both SMBs and larger firms, with password dumper malware and stolen credentials featuring in the top four for both.

More than a fifth (20%) of attacks on SMBs were against web applications and involved the use of stolen credentials.

In fact, attacks against cloud-based data were on the up overall with web app threats doubling to 43%. Credential theft, errors and social attacks like phishing accounted for over two-thirds (67%) of breaches.

Preventing human error has also become an increasingly important factor in cybersecurity. This year’s report found that related breaches are even more common than malware-driven breaches and almost as popular as phishing.

In total, human error accounted for 22% of all breaches, with misdelivery of emails slightly more common than the growing challenge of misconfiguration.

“The fact that misconfiguration is in the top five action varieties for breaches is an important acknowledgment that not all incidents are the result of an exploited vulnerability. Misconfigurations actually lead to more breaches than exploited systems, but organizations often don’t put the same effort into assessing them as they do scanning for vulnerabilities,” argued Tripwire VP of product management, Tim Erlin.

“At a high level, the key things for every organization to worry about are brute forced and stolen credentials, and web applications.”

On the plus side, patching appears to be getting better: just one in 20 breaches exploit vulnerabilities, and 81% were contained within a day or less.

Elsewhere, the insider threat remains pronounced, accounting for 30% of all breaches, while organized crime dominated the external breaches, comprising 55% of the overall total.

“If you want to protect yourself from the most common breaches, protect your web servers, your workstations and your mail infrastructure,” said Erlin.

What’s Hot on Infosecurity Magazine?