Security: IBM Traces Two-Thirds of Compromises to Misconfigured APIs

The report is drawn from a sweeping dark web analysis and analysis by various X-Force elements.

Robust hardening would have been the answer to curbing two-thirds of these breaches.
Key Facts

  1. The dark web survey projects the existence of incredibly high public cloud access purchase activity.

  2. Cloud environment penetration tests by X-Force Red traced some issues down to passwords or primary policies.

  3. About half of just over 2,500 vulnerabilities in cloud-deployed applications surfaced in the last 18 months.

  4. Cryptomining and ransomware have been listed as the top and most deployed malware in cloud environments.


Another one for the cyber security category. Security, in general, has been in a dilemma around the world. In the cybersecurity category, there have been direct reports about unfortunate events. Some are extensive surveys and research intended to curb subsequent attempts and reduce the toll of cyber attack victims. This publication corresponds with the latter.

In the last month of Q3 2021, the security wing of global IT hardware manufacturer International Business Machines Corp. (IBM) released a report that attributed two-thirds of cloud breaches to API misconfigurations. The data covers activity from June 2020 to the end of June 2021.

The conclusion represents a summary of data contributed by dark web analysts, IBM Security Services metrics, IBM Security X-Force Red penetration testing data, X-Force Threat Intelligence research, and X-Force Incident Response analysis.

By analyzing the dark web, researchers discovered high transactional activity in public cloud access, with thousands of cloud accounts and resources advertised for sale. 71% of these were Remote Desktop Protocol access, while some were login details for cloud environments, which cost only a few dollars.

A high percentage of the X-Force Red penetration testing on cloud environments traced problems down to passwords or primary policies. Robust hardening would have been the answer to curbing two-thirds of these breaches.

The number of vulnerabilities in cloud-deployed apps has also increased. From January 2020 to June 2021, over half of the more than 2,500 known vulnerabilities in cloud-deployed applications have been revealed. While some of the increase can be ascribed to better tracking, the high rise emphasizes the significance of risk management.

APIs were found to be the Achilles heel for most cloud environments. Avoiding misconfigurations is a Herculean task, and threat actors pounce on these vulnerabilities a lot. Two-thirds of these occasions have been tracked down to misconfigured APIs; threat actors have been making lateral movements from on-premises environments to cloud environments.

More than half of breaches to cloud environments occurred because of some form of shadow IT activity. In general, to mitigate cloud security issues, IT organizations should be embracing zero-trust IT architectures, reducing the overall complexity of their cloud environments and continuously testing for vulnerabilities and misconfigurations.
Charles DeBeck
Senior Cyber Threat Intelligence and Strategic Analyst with IBM X-Force Incident Response and Intelligence Services.

Some platforms might be able to vouch for their security, and other platforms are undoubtedly flawed. Most cloud platforms are engineered by greenhorn IT practitioners with high chances of misconfiguring an environment.
