Security: IBM Traces Two-Thirds of Compromises to Misconfigured APIs
The report draws on a sweeping survey of dark web analysis and analysis from various X-Force elements.
On September 16, 2021, IBM Security X-Force released a report that apportions two-thirds of cloud breaches to misconfigured Application Programming Interfaces.
The dark web survey points to very high purchase activity for public cloud access.
Cloud environment penetration tests by X-Force Red traced some issues down to passwords or primary policies.
About half of just over 2,500 vulnerabilities in cloud-deployed applications surfaced in the last 18 months.
Cryptomining and ransomware have been listed as the top and most deployed malware in cloud environments.
Another one for the cyber security category. Security, in general, has been in a dilemma around the world. In the cybersecurity category, there have been direct reports about unfortunate events. Some are extensive surveys and research intended to curb subsequent attempts and reduce the toll of cyber attack victims. This publication corresponds with the latter.
In the last month of Q3 2021, the security wing of global IT hardware manufacturer International Business Machines Corp. (IBM) released a report that apportioned two-thirds of cloud breaches to API misconfigurations. The data is drawn from activity between June 2020 and the end of June 2021.
The conclusion represents a summary of data contributed by dark web analysts, IBM Security Services metrics, IBM Security X-Force Red penetration testing data, X-Force Threat Intelligence research, and X-Force Incident Response analysis.
By analyzing the dark web, researchers discovered high transactional activity for public cloud access, with sellers advertising thousands of cloud accounts and resources for sale. 71% of these were Remote Desktop Protocol access, while in some cases login details for cloud environments cost only a few dollars.
A high percentage of the X-Force Red penetration testing on cloud environments traced problems down to passwords or primary policies. Robust hardening would have been the answer to curbing two-thirds of these breaches.
The number of vulnerabilities in cloud-deployed apps has also increased. From January 2020 to June 2021, over half of the more than 2,500 known vulnerabilities in cloud-deployed applications were revealed. While some of the increase can be ascribed to better tracking, the sharp rise emphasizes the significance of risk management.
APIs were found to be the Achilles heel for most cloud environments. Avoiding misconfigurations is a Herculean task, and threat actors frequently pounce on these vulnerabilities. Two-thirds of these occasions have been tracked down to misconfigured APIs; threat actors have also been moving laterally from on-premises environments to cloud environments.
More than half of breaches to cloud environments occurred because of some form of shadow IT activity. In general, to mitigate cloud security issues, IT organizations should be embracing zero-trust IT architectures, reducing the overall complexity of their cloud environments and continuously testing for vulnerabilities and misconfigurations.
Charles DeBeck, Senior Cyber Threat Intelligence and Strategic Analyst with IBM X-Force Incident Response and Intelligence Services.
Some platforms might be able to vouch for their security, and other platforms are undoubtedly flawed. Most cloud platforms are engineered by greenhorn IT practitioners with high chances of misconfiguring an environment.