According to two recent studies by security providers, the single greatest security threat cloud users face is caused by configuration errors. The second most common type of breach is caused by user error. The study by Verizon Corp.’s 2020 Data Breach Report, shows that misconfigurations are the most common type of error made.
Accuris released the results from their study and found that misconfigured cloud storage services are present in 93% of cloud deployments they analyzed.
In addition to that, most of the organizations that participated in the study had at least one network exposure, that can be attributed directly to a misconfiguration of routing rules that expose private subnets to the internet.
Public-facing workloads abound
These new findings come at the heels of another recent study by Orca Security who found that more than 80% of organizations have at least one public-facing workload running on an unsupported operating system that has not seen any patching for at least 6 months.
Almost 50% of organizations have at least one unpatched web server that’s publicly accessible. This mistake was how the 2017 breach of Equifax happened.
Over half of the organizations audited by Orca have internet-facing workloads that contain secrets and credentials which can give attackers access to secure nodes in the network. With that, it would be easy to attack any part of the organization.
Ignoring the basics
The problem boils down to oversight when it comes to basic security protocols. An inadequate understanding of the basics in configuring access privileges and the misguided belief that cloud providers take care of security is another factor.
In just the first half of 2019, Risk Based Security Inc. recorded 149 incidents of misconfigured cloud services and databases that exposed more than 3.2 billion records. Encryption is not a solution if the keys are open to anyone who has the expertise to get them.
Eventually, the organizations will have to adapt or risk devastating attacks.