SECURITY
SECURITY
SECURITY
Report finds companies continue to expose data through misconfigured cloud storage
For years now, companies exposing data via misconfigured cloud storage have been a dime a dozen. Over the last few years, reports of companies inadvertently sharing their data often came multiple times a week.
Exposed data typically included a company incorrectly setting the security of an Amazon Web Services Inc. S3 instance or an ElasticSearch installation. In some cases, it was simply a matter of a password not being set.
The occurrence of misconfigured cloud instances seems to have fallen. It could be a case of companies being aware of security issues around cloud storage and taking action accordingly.
But one thing that is clear: Companies continue to expose their data this way, according to findings outlined today by Rapid7 Inc. in its 2021 Cloud Misconfigurations Report.
The Rapid7 researchers studied 121 publicly reported data exposure incidents in 2020 to see if they could find some causes and circumstances. Of the 121 published incidents, 15 industries were represented among the affected organizations, with information, entertainment, professional and healthcare being the more represented in the data set.
In 2020, an average of about 10 incidents a month were reported and 62% of those incidents were discovered by citizen researchers rather than criminal attackers. Notably, 35% of those incidents were sourced from only two specific individual researchers.
The most commonly exposed data were datasets with credentials such as user names and passwords, personal financial information and healthcare information. The median data exposure was 10 million records, although one “mega breach” accounts for the exposure of more than 20 billion records.
AWS S3 buckets and ElasticSearch databases accounted for about 45% of all reported exposures throughout the year. The figures for both could be higher, since the researchers could not identify the compromised component in almost half of cases.
“To avoid suffering an incident from similar cloud misconfigurations, companies should prioritize the adoption of a new model of security that provides continuous enforcement of controls and ensures secure configurations of all cloud services,” the researchers wrote. “Note that this activity is not a ‘set it and forget it’ task, and all current and new cloud resources should be monitored and have policies enforced continually to avoid even a temporary exposure of these often dynamic environments.”
Photo: Wikimedia Commons
A message from John Furrier, co-founder of SiliconANGLE:
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
.jpg){kind=link}