It seems as if last year’s data breaches were characterized by increased regularity, yet somehow, according to the latest research from IBM Security, fewer records were actually exposed.
The year saw a 25 percent dip in exposed records—2.5 billion down from 4 billion the previous year—according to IBM’s latest X-Force report. The cause: Cybercriminals have largely turned their focus to launching ransomware attacks that encrypt data locally.
“Last year, there was a clear focus by criminals to lock or delete data, not just steal it, through ransomware attacks,” said Wendi Whitmore, global lead at IBM X-Force Incident Response and Intelligence Services (IRIS).
Notwithstanding, 2017 also saw an unprecedented 424 percent increase in breaches caused by misconfigured cloud storage devices, which the researchers attributed mostly to human error. More often now, configuration mistakes by careless employees are doing hackers’ work for them.
Of the records tracked by IBM, nearly 70 percent were leaked due to the inadvertent activities of owners, reflecting a “growing awareness among cybercriminals of the existence of misconfigured cloud servers.”
Additionally, researchers found that roughly a third of all security incidents caused by “inadvertent activity” were driven by phishing attacks. The bulk of the attacks are not highly targeted, but launched en mass as spam. Over one four-day period, IBM reports, criminals sent 22 million emails using the infamous Necurs botnet, the largest purveyor internet botnet spam worldwide.
According to IBM, financial services, formerly the most targeted industry, has fallen to third place, behind IT & communications and manufacturing, which, respectively, absorbed 33 percent and 18 percent of attacks observed by the researchers.