Security

Human error led to 424% increase in misconfigured cloud servers, prompting hacks

According to the 2018 IBM X-Force Threat Intelligence Index, breached records dropped 25% as hackers turned to ransomware.

Building a slide deck, pitch, or presentation? Here are the big takeaways:
  • Employee error led to a massive 424% bump in misconfigured cloud infrastructure for businesses. — IBM X-Force, 2018
  • The number of records breached dropped by 25% percent in 2017, as attackers turned to other methods such as ransomware. — IBM X-Force, 2018

Human error has long been associated with poor cybersecurity hygiene, but it's starting to negatively impact other aspects of the tech ecosystem. Due to employee mistakes, the number of records breached through misconfigured cloud servers rose by 424% in 2017, according to the 2018 IBM X-Force Threat Intelligence Index, released Wednesday. An IBM press release called it an "historic" jump.

Additionally, nearly 70% off the compromised records tracked by IBM in 2017 were exposed due to one of these misconfigured servers, the release noted.

In keeping with the theme of human error, roughly a third of the "inadvertent activity" that led to a security event last year was due to someone getting phished. Millions of spam messages that led to some of these incidents were created with the Necurs botnet, a favorite of hackers in 2017, the report said.

SEE: Information security policy (Tech Pro Research)

While it is an ugly truth, the fact is that human employees are an organization's greatest security risk. Enterprise security professionals should double their efforts on employee education regarding phishing scams, and audit cloud server deployments for possible misconfigurations.

There is a bright side to IBM's report, though. In 2017, the total number of records breached dropped by 25%. However, the report noted, this was due to a rise in ransomware and other attacks that destroy or lock data.

According to the release, roughly 2.9 billion records were breached in 2017, a noted drop from the 4 billion disclosed in 2016. "While the number of records breached was still significant, ransomware reigned in 2017 as attacks such as WannaCry, NotPetya, and Bad Rabbit caused chaos across industries without contributing to the total number of compromised records reported," the report said.

The financial services industry saw the worst of it: Some 27% of attacks across all industries targeted financial services.

And while breached records do indicate criminal activity, they don't give the full picture of security in 2017, according to Wendi Whitmore, global lead for the IBM X-Force Incident Response and Intelligence Services (IRIS).

"Last year, there was a clear focus by criminals to lock or delete data, not just steal it, through ransomware attacks," Whitmore said in the release. "These attacks are not quantified by records breached, but have proven to be just as, if not more, costly to organizations than a traditional data breach. The ability to anticipate these attacks and be prepared will be critical as cybercriminals will continue to evolve their tactics to what proves most lucrative."

Also see

cloudsec.jpg
Image: iStockphoto/LeoWolfert

About Conner Forrest

Conner Forrest is a Senior Editor for TechRepublic. He covers enterprise technology and is interested in the convergence of tech and culture.

Editor's Picks

Free Newsletters, In your Inbox