Content, Content

IBM Research: Surging Cloud Data Breaches, Leaks Tied to User Error

Data breaches related to cloud infrastructure rose 424 percent in 2017 and many of the incidents involved misconfigured user settings, according to research from IBM Security.

MSSP Alert covered many of those cloud data leaks -- including:

  • Accenture Cloud: Accenture Cloud mission critical intellectual property (IP) was exposed via an Amazon Web Services (AWS) cloud leak.
  • Time Warner Cable: More than 4 million Time Warner Cable customer records were exposed via an AWS cloud leak.
  • WWE: A World Wrestling Entertainment (WWE) database leak exposed the personal information of more than 3 million users.
  • Dow Jones: About 2.2 million Dow Jones subscribers were affected by a data leak that occurred due to a misconfigured AWS cloud account.

IBM X-Force 2018 Security Research

Meanwhile, key findings from IBM Security's "2018 IBM X-Force Threat Intelligence Index" included:

  • More than 2.9 billion records were reported breached in 2017, down from 4 billion in 2016.
  • Injection attacks accounted for 79 percent of the malicious activity on enterprise networks last year.
  • Inadvertent activity such as misconfigured cloud infrastructure was responsible for the exposure of nearly 70 percent of compromised records, and inadvertent insiders were responsible for more than two-thirds of all records compromised last year.
  • Cybercriminals most frequently targeted the financial services industry, which accounted for 27 percent of cyberattacks across all business sectors last year. In addition, many cybercriminals leveraged banking Trojans specifically targeting consumers and end users across the financial services industry.

Cybercriminals regularly locked down access to data and demanded ransom payments from data owners in 2017, IBM Security indicated. Going forward, organizations must keep pace with ransomware and other rapidly evolving cyberattacks, or they risk costly, time-intensive breaches that could put their customer and employee data in danger.

How Can Organizations Keep Pace with Cybercriminals?

IBM Security offered the following recommendations to help organizations quickly identify and address cyberattacks:

  • Practice security fundamentals. Effective patch management, the implementation of real-time systems and processes to monitor and detect breaches and the use of machine learning tools to identify and evaluate cybercrime patterns can help organizations predict cyberattacks before they occur.
  • Teach employees about security dangers. Cybersecurity awareness programs enable organizations to keep pace with the changing cyber threat landscape. Also, organizations should provide ongoing role-based cybersecurity training for all employees.
  • Use penetration testing. Organizations must take steps to ensure that the data they collect in accordance with applicable privacy laws is properly secured with controls that are tested over time.
  • Invest in incident response tools. Incident response tools empower organizations to limit the impact of advanced cyber threats.

Furthermore, cybercriminals frequently used ransomware attacks to lock and delete data in 2017, IBM X-Force Incident Response and Intelligence Services (IRIS) Global Lead Wendi Whitmore said in a prepared statement. If organizations use advanced cybersecurity tools to anticipate ransomware attacks, they could avoid the costs, downtime and brand reputation damage commonly associated with these attacks.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.