Report: Cybercriminals Rely On People To Access Corporate Environments

Cybercriminal Report

Users are the weakest link when it comes to cybersecurity, with only 1 percent representing 75 percent of the security risk in a cloud environment, according to a new cloud cybersecurity report released yesterday.

The CloudLock Cyberlab analyzed 10 million users as well as 1 billion files and more than 91,000 applications and found that it isn’t the business of network infrastructure that cybercriminals target, but rather a very small number of users. For this reason it is vital for those developing security programs to study user behavior.

Trends in Cloud Cybersecurity

cloud-report-2015

The CloudLock report examines trends across users, applications and collaboration and reveals that the 80:20 rule or law of the vital few (officially the Pareto Principle) is valid across all three of these primary dimensions.

  • Just 1 percent of all computer and computer network users create three quarters (75 percent) of all cloud cybersecurity risk in organizations by behaving in an “abnormal” manner, whether malicious or unintentional.
  • Organizations were found to collaborate on average with 865 outside parties with a mere 25 of these accounting for three quarters of each organizations’ cloud-based sharing activities. Alarmingly, 70 percent of this sharing is via non-corporate emails that security teams have minimal control over.
  • Just 1 percent of users represent 62 percent of all the applications installed in the cloud, which further increases the high-risk volumes. Another concern is that 52,000 application installations are carried out by users that are highly privileged; the problem being that malicious cybercriminals are known to target privileged accounts.

The 14-page report also reveals that the individuals who make up the risky 1 percent are also responsible for ownership of 57 percent of files; sharing of 81 percent of files; and 73 percent of files that are “excessively exposed.” This means it is crucial for those in charge of security to understand the composition of this 1 percent that is frequently comprised. They are not only the privileged users mentioned above, but also machine-based identities that are designed to allow access to archived data and other privileges, as well as various software architects.

Acknowledging the fact that there has been a long established risk that is linked to unintentional “user-induced exposure in the cloud,” the report points out that cybercriminals have learnt how to exploit these users and not only access corporate and Government environments, but also compromise credentials. Furthermore, it found that no industries are immune from these cloud cybersecurity risks: “The bottom line: across all industries, risk can be explained by a small percentage of users.”

Data ownership in the cloud was also found to be disproportionately high, with the top 1 percent of users owning more than half (57 percent) of the organization’s digital assets. This figure rose to 81 percent when the digital assets of the top 5 percent were taken into account. In reality this would mean that simply targeting the few who own digital assets could cause a major data breach that could put a very large percentage of the company’s assets at risk.

So how is the distribution of cloud cybersecurity risk calculated?

According to the report it is a combination of behaviors that is potentially risky, together with usage volumes of users, and corporate security policy violations. And the stats reveal, yet again, that just 1 percent of users are responsible for most cloud cybersecurity risk in any one organization.

  • The top 1 percent create 75 percent of risk
  • The top 5 percent create 90 percent of risk
  • The remaining 95 percent are not much of a risk at all, accounting for a mere 10 percent

This remains the reality, even though most of the users who create risks are not aware of what they are doing (for example “oversharing” the company’s assets). All they have to do to create risk is drag and drop files to public folders, or make a folder public without informing another collaborator that this has been done.

In many circumstances, employee security training will decrease the risk dramatically. For Instance, a case study cited in the report shows how a travel industry firm was able to decrease its potentially risky public exposure by 62 percent in a single day, just be analyzing user behavior and then reaching out to their top users.

Another enormous risk lies with third party suppliers that are connected to the company via the cloud. They might be totally honest and reliable, but if they are compromised, their vulnerability can become high risk for the company they are collaborating with. It shouldn’t be surprising to find that the so-called law of the vital few applies in this instance too, with the top 25 external organizations accounting for three quarters of inter-organizational sharing. Additionally, the top 25 applications were found to account for 65 percent of all third-party app installations, many of which were found to be linked not to business itself, but to business functions.

Four Strategies to Help Remedy Risk

Having identified that cloud cybersecurity is disproportionate across users, collaborators or applications, CloudLock suggests four strategies to help remedy risk:

1. First focus on the riskiest users
2. Then focus security on the top 25 collaborators, and then the balance
3. Take action when third party applications are discovered
4. Opt for platforms that offer multi-cloud insights rather than point security solutions

By Penny Swift

Hacks

Ongoing Concerns over Tether

Tether Concerns Tether (USDT) is a type of cryptocurrency known as a stable-coin. It’s price is pegged to $1 USD, with the cash to back the currency held in a reserve bank account. As of ...
Daniela Streng

Preventing IT Outages and Downtime

Preventing IT Outages As businesses continue to embrace digital transformation, availability has become a company’s most valuable commodity. Availability refers to the state of when an organization’s IT infrastructure, which is critical to operating a ...
Shells.com – Your Personal Cloud Computer

Shells.com – Your Personal Cloud Computer

Personal Cloud Computer Shells, a robust virtual desktop infrastructure, ensures better performance by enabling its users to incorporate a layer of virtualization between the control server and any device that they choose. This way, it ...
Money Big Data

How Bitcoin Brought The Lightning Network To El Salvador

The Lightning Network El Slavador made waves last month after becoming the first country to adopt bitcoin as legal tender. El Salvador’s Congress voted by a “supermajority” in favor of the Bitcoin Law which states, ...
Martin Mendelsohn

Of Rogues, Fear and Chicanery: The Colonial Pipeline Dilemma and CISO/CSO Priorities

The Colonial Pipeline Dilemma The Colonial Pipeline is one of a number of essential energy and infrastructure assets that have been recently targeted by the global ransomware group DarkSide, and other aspiring non-state actors, with ...

PROXY SERVICES

The CloudTweaks technology lists will include updated resources to leading services from around the globe. Examples include leading IT Monitoring Services, Bootcamps, VPNs, CDNs, Reseller Programs and much more...

  • Smartproxy

    Smartproxy

    Smartproxy is a rising star in the constantly growing proxy market. Smartproxy offers awarded customer service, impressive performance, and is serious about your anonymity (yes, cybersecurity matters). The latest features developed by Smartproxy are 30 minute long sticky sessions and Google Proxies. Rumor has it, the latter guarantee 100% success rate

  • Bright Data

    Bright Data

    Bright Data’s network is one of the most robust of its kind globally. Here are its stark advantages: Extremely stable connection for long sessions (99.99% uptime guaranteed). Free to integrate with our Proxy Manager which allows you to define custom rules for optimized results. Send unlimited concurrent requests increasing speed, cost-effectiveness, and overall efficiency.

  • Rsocks

    Rsocks

    RSocks team offers a huge amount of residential plans which were developed for plenty of tasks and, most importantly, has been proved to be quite efficient. Such variety has been created on purpose to let everyone choose a plan for a reasonable price, online, rotation and other parameters.

  • Storm Proxies

    Storm Proxies

    Storm Proxies' network is optimized for high performance and fast multi-threaded tools. You get unlimited bandwidth. No hidden costs, no limits on bandwidth. Try Storm Proxies 100% Risk Free. If you are not happy with the service email us within 24 hours of purchase and we will refund you.