Data breaches have skyrocketed in recent years, with an alarming 2.6 billion personal records exposed in the last two years alone. According to a recent report underwritten by Apple and written by Professor Stuart E. Madnick of MIT, 2023 is on track to become another record year for data breaches. This troubling trend is attributed to attackers’ increased proficiency in compromising misconfigured clouds and exploiting unsecured end-to-end phone encryption, with ransomware attacks on the rise.
Despite Apple’s focus on promoting in-store transactions and Apple-specific end-to-end encryption, the report warns of broader threats to enterprises.
Madnick’s findings reveal that ransomware attacks on organizations have surged by nearly 50% in the first half of 2023 compared to the first half of 2022, with attackers targeting mobile device fleets to paralyze communications until a ransom is paid.
Misconfigured clouds are the open door attackers hope for
Unencrypted identity data stored in unsecured or misconfigured clouds is an attacker’s goldmine. Misconfigured clouds are also proving to be an easy on-ramp for stealing identity data that can be resold or spun into new synthetic identities used for fraud.
“Microsoft AI’s research division exposed over 38 terabytes of sensitive information due to a cloud misconfiguration, including passwords to Microsoft services, secret keys, and more than 30,000 internal Microsoft Teams messages from hundreds of Microsoft employees,” reports Madnick, citing TechCrunch’s story. Attackers know that the quicker they can take control of identities, starting with Microsoft Active Directory (AD), the more successful a ransomware attack will be.
In a recent interview with VentureBeat, Merritt Baer, Field CISO at Lacework, says that bad actors look first for an easy front door to gain access to misconfigured clouds, identities and entire fleets of mobile devices. “Novel exploits (zero-days) or even new uses of existing exploits are expensive to research and discover. Why burn an expensive zero-day when you don’t need to? Most bad actors can find a way in through the ‘front door’ – that is, using legitimate credentials (in unauthorized ways).”
Baer added, “This avenue works because most permissions are overprovisioned (they aren’t pruned down/least privileged as much as they could be), and because with legitimate credentials, it’s hard to tell which calls are authorized/done by a real user versus malicious/done by a bad actor.”
Nearly 99% of cloud security failures are traced back to manual controls not being set correctly, and up to 50% of organizations have mistakenly exposed applications, network segments, storage and APIs directly to the public. Data breaches that start because cloud infrastructure is misconfigured cost an average of $4 million to resolve,