Almost 50% of Chief Information Security Officers say they are extremely anxious about the security implications of the cloud, and recent data breaches support their anxiety. Their main concern is that their information is not under their control. Even after securing data with many sophisticated tools, a single employee mistake can compromise the security of the whole organization.
If one thinks Yahoo’s breach of over three billion records was bad enough, we have had plenty of breaches this year that have turned out to be more massive and serious.
There have been many AWS S3 bucket breaches in the past: many instances of S3 buckets being misconfigured and billions of records left open to the public. According to researchers from the cybersecurity firm UpGuard, the American media giant Viacom left one gigabyte of sensitive files publicly exposed. The exposed files included Viacom’s secret cloud keys, information that an attacker could have used to take control of the company’s cloud servers.
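The S3 exposures described above come down to a bucket policy, a bucket ACL, or both, granting access to everyone. The following is an added example, not part of the original post and not Theta432 code: a small offline audit that inspects a bucket policy document, its ACL grants, and its Block Public Access settings, and reports which of them would make the bucket's contents readable by anyone. The policy documents, the ACL grants, the bucket name and the account ID are constructed sample values, not from any real breach; the JSON shapes follow the formats AWS returns for `GetBucketPolicy`, `GetBucketAcl` and `GetPublicAccessBlock`.

```python
import json

# Constructed sample bucket policy (not from the page): anonymous read and list.
EXPOSED_POLICY = json.loads("""
{
  "Version": "2012-10-17",
  "Statement": [
    {"Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
     "Action": ["s3:GetObject", "s3:ListBucket"],
     "Resource": ["arn:aws:s3:::example-bucket", "arn:aws:s3:::example-bucket/*"]}
  ]
}
""")

# Constructed hardened form: the same read access scoped to one IAM role.
HARDENED_POLICY = json.loads("""
{
  "Version": "2012-10-17",
  "Statement": [
    {"Sid": "AppRoleRead", "Effect": "Allow",
     "Principal": {"AWS": "arn:aws:iam::123456789012:role/app-reader"},
     "Action": "s3:GetObject",
     "Resource": "arn:aws:s3:::example-bucket/*"}
  ]
}
""")

# Constructed ACL grant list in the GetBucketAcl shape: READ for everyone.
EXPOSED_GRANTS = [
    {"Grantee": {"Type": "Group",
                 "URI": "http://acs.amazonaws.com/groups/global/AllUsers"},
     "Permission": "READ"},
]

# Block Public Access settings, all four flags as returned by GetPublicAccessBlock.
WEAK_BLOCK = {"BlockPublicAcls": False, "IgnorePublicAcls": False,
              "BlockPublicPolicy": False, "RestrictPublicBuckets": False}
STRICT_BLOCK = {k: True for k in WEAK_BLOCK}

# The two predefined groups that make an ACL grant public.
PUBLIC_GROUPS = {
    "http://acs.amazonaws.com/groups/global/AllUsers",
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers",
}


def _as_list(value):
    """Policy fields may be a single string or a list; normalise to a list."""
    return value if isinstance(value, list) else [value]


def _principal_is_public(principal):
    """True for Principal "*" or {"AWS": "*"}, the two anonymous forms."""
    if principal == "*":
        return True
    if isinstance(principal, dict):
        return "*" in _as_list(principal.get("AWS", []))
    return False


def policy_findings(policy):
    """Describe each Allow statement whose principal is everyone."""
    findings = []
    for stmt in _as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow" or not _principal_is_public(stmt.get("Principal")):
            continue
        actions = ", ".join(_as_list(stmt.get("Action", [])))
        # A Condition (e.g. a source VPC endpoint) narrows the grant, so it is
        # flagged for review rather than reported as an outright exposure.
        severity = "REVIEW" if stmt.get("Condition") else "PUBLIC"
        findings.append(f"{severity}: statement {stmt.get('Sid', '?')} allows {actions} to everyone")
    return findings


def acl_findings(grants):
    """Describe each ACL grant made to AllUsers or AuthenticatedUsers."""
    findings = []
    for grant in grants:
        grantee = grant.get("Grantee", {})
        if grantee.get("Type") == "Group" and grantee.get("URI") in PUBLIC_GROUPS:
            group = grantee["URI"].rsplit("/", 1)[-1]
            findings.append(f"PUBLIC: ACL grants {grant.get('Permission')} to {group}")
    return findings


def audit_bucket(policy, grants, public_access_block):
    """Combine the three checks into one list of findings (empty means clean)."""
    findings = policy_findings(policy) + acl_findings(grants)
    disabled = [name for name, on in public_access_block.items() if not on]
    if disabled:
        findings.append("WEAK: Block Public Access disabled for " + ", ".join(disabled))
    return findings


if __name__ == "__main__":
    for label, args in (("exposed", (EXPOSED_POLICY, EXPOSED_GRANTS, WEAK_BLOCK)),
                        ("hardened", (HARDENED_POLICY, [], STRICT_BLOCK))):
        print(label, audit_bucket(*args) or ["no findings"])
```

Block Public Access is deliberately reported as a separate finding rather than used to silence the policy and ACL results: it is an account- or bucket-level safety net, and the scoped policy is still the control that should be in place underneath it.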
More recently, over 250 million records were exposed in a breach at Microsoft. According to Microsoft’s statement: “The investigation has determined that a change made to the database’s network security group on December 5, 2019 contained misconfigured security rules that enabled exposure of the data. Upon notification of the issue, engineers remediated the configuration on December 31, 2019 to restrict the database and prevent unauthorized access. This issue was specific to an internal database used for support case analytics and does not represent an exposure of our commercial cloud services.”
Marriott suffered another credential-based breach, with credential stuffing and phishing the likely attack vectors. A hacker used the credentials of two employees of a Marriott property to steal data for over a month before being discovered.
The list of data breaches is huge.
A few of the biggest breaches are as follows:
The cloud makes services widely available and businesses much more visible and accessible. For this reason, being careful is critical, as that easy accessibility also serves hackers’ ambitions. Thanks to the dark net, hackers have all kinds of sophisticated tools freely available, making it easier to access companies’ and employees’ data.
As mentioned above, most breaches have occurred due to human error and ignorance of the threats and risks, which makes organizations easy prey. It is important to remember that employees are the weakest link in an organization’s security and that strengthening their knowledge will always be the best protection tool.
With the COVID-19 pandemic still ravaging countries, the work-from-home strategy will continue for longer than expected, and the cloud plays an important role in shaping it. Now that millions of people work from home, hackers see an easy-access gold mine. Not surprisingly, phishing attacks have increased tremendously. Hackers know that the best gateway to an organization’s data is the unsuspecting employee. The employee is lured into a trap through a phishing email, and a single click gives hackers access to the gold mine of your company’s data. Therefore, employees must be constantly trained and monitored.
A robust cybersecurity awareness program is now a must to reduce this risk. For it to be successful, companies must ensure that the program lists dos and don’ts, helps employees distinguish malicious links from harmless ones, and educates employees about the threats and dangers of clicking the wrong link. Running simulated attacks will greatly benefit the security of the company, since you can monitor the behaviour of employees and detect who made a wrong click. Once an employee receives a simulated phishing email, it should be possible to verify whether they followed the protocols established in the awareness program. Knowing the weaknesses of your team will give you the knowledge and tools to correct, prevent, and strengthen your cybersecurity.
Theta432 offers an excellent cybersecurity awareness program, Advanced Virtual Attacks (AVA). We will perform simulated attacks on your user groups and provide detailed metrics on who clicked, when and how. Additionally, we send each such employee to a learning management system to be trained further to recognize various attacks.
Basheer Ahmed Khan
Theta432 Director of Operations, India