Data Backup Digest

Despite having access to stronger security than ever before, IT systems around the world are still susceptible to hackers. Some of this can be chalked up to the ingenuity and dedication of the hackers themselves. However, some of it is a result of simple errors that could easily be avoided.

The expert team with IBM Security X-Force issued a recent report that highlights some of the most common issues behind cloud-based data breaches over the course of the past 12 months – and the results are worrisome to say the least.

Per their report, approximately two-thirds of all cloud-based data breaches are the result of a Misconfigured application programming interface, or API. While this issue is avoidable, there are other issues at play here, too.

Diving Into the Report

IBM’s latest report utilized various datasets, including those from various dark web analyses, penetration tests, intelligence research, and general security services. Many of the tools used during their research were in-house, proprietary tools; including IBM Security X-Force Red, IBM Security Services, X-Force Threat Intelligence, and more.

Apart from Misconfigured APIs, their report also found issues with:

- Password control and access management

- Policy control and management

As a result of their testing, the team with IBM has come to the conclusion that nearly two-thirds of all cloud-based data breaches could have been avoided with greater password control and improved security policies.

Perhaps even more troubling, however, is the accessibility of cloud-based accounts and other resources that are available to anyone on the dark web. According to their report, there are sites that advertise tens of thousands of cloud accounts for sale on the dark web.

In 71% of these cases, those selling the accounts are offering access via Remote Desktop Protocol (RDP) access. Not only does this give hackers the ability to access and modify data or other resources, but it gives them the ability to easily share their stolen data however – and with whomever – they desire.

But it is important to note that some compromised cloud accounts are far more expensive than others. While some might only cost a few dollars, others can range into the tens of thousands. The research team with IBM believes there are a number of factors at play here, including the amount of monetary credit on the account, the account holder’s geographic location, the organization the account belongs to, and more.

Cloud-Based Malware

As expected, ransomware ranked amongst the biggest threats of cloud-based malware. However, IBM’s recent report highlighted another threat, too: cryptominers. In this case, hackers take control of a target’s machine in order to use their system resources for the purpose of mining cryptocurrency. While many hackers prefer Bitcoin, there are hundreds of different cryptocurrencies that could possibly be used.

When you dive deeper into IBM’s report, it’s easy to see how malware continues to plague cloud-based networks around the world. According to their report, password or policy violations were present in 100% of the penetration tests performed in 2021. With numbers like this, it’s easy to see how hackers and other malicious users can easily gain access into a targeted system.