In May of 2021, DataCenter Knowledge reported that cloud security breaches had surpassed on-premise breaches for the very first time, according to data from Verizon’s 2019 and 2020 Data Breach Investigations Reports (DBIRs).
73 percent of cybersecurity incidents in 2021 involved external cloud assets, up from a mere 27 percent in 2020. Let’s take a look at recent big cloud security breaches and the trends developing around them.
Most Common Cloud Security Breaches
For on-premise breaches, the top three culprits were ransomware, stolen credentials, and backdoor malware. But for cloud incidents, the most common breaches included stolen credentials, misconfigurations, and phishing.
The frequency of stolen credential attacks continues to teach us that people are still often seen as vulnerabilities. For example, employee Microsoft 360 accounts were the access point for the SolarWinds breach, which we talked about in a previous blog post.
Phishing attacks also leverage attacks against individuals by posing as a trusted individual, supervisor, or other professional contact and convincing unsuspecting employees to click a link, send an asset (data, money, gift cards, etc.) to a fraudulent account. By following a link in the email or instant message, malware is then installed unbeknownst to the original message recipient. Once installed, that malware can freeze the system, steal or corrupt data, or create an opportunity for ransomware attacks.
Major Cloud Security Breaches in Recent Years
While there are thousands of cloud security breaches every month, we wanted to highlight some of the major ones that have occurred in recent years.
LinkedIn – 2021
In 2021, the professional networking social media site LinkedIn fell victim to a data scraping breach. Though most of the data posted to dark web forums were previously public data, a sample of that data included email addresses, phone numbers, geolocation records, genders, and other social media details.
Marriott International – 2018
In September of 2018, Marriott division Starwood had over 500,000 guests’ personal and sensitive information was found to have been exposed by way of a previously undetected 2014 RAT (Remote Access Trojan) compromise originating from the Starwood network, that Marriott acquired in a 2016 merger.
Yahoo – 2013
In terms of scope, the 2013 and connected 2014 Yahoo cloud security breach is the largest – though not announced until 2016, the final number of accounts affected equaled more than three billion. The malicious campaign started when one Yahoo employee unknowingly clicked on a spear-fishing email. Four people were indicted for the attack, including two Russian spies and a hacker from the FBI’s Ten Most Wanted Fugitives list.
Build a CyberFort to Protect Your Cloud-Based Data
There were more data breaches in 2020 than in the previous 15 years combined, according to Canalys. And that means securing your data and cloud-based assets is more important than ever before, and likely will continue to evolve and affect more businesses in the future.
To protect yourself and your company from record-breaking cloud security breaches, you need to have a cybersecurity system in place that understands how every part of your organization interacts with technology – from smartphones to smart factories, connected cars, and digital supply chains. That’s why you need CyberFort Black, world-class protection that you can control. We integrate the best email, network, desktop, and cloud security solutions from Cisco, with our own added expertise, and we configure everything for you. Click here to sign up for a trial of CyberFort Black today.
Contact us today to get a network threat assessment.