Bet you didn’t realise that surveys on security threats are a bit like buses — only more so because three have come along at once. One survey looks at insider attacks. Today’s most damaging security threats often do not originate from outsiders or malware, but from trusted insiders, finds the survey/report. Another looks at email attacks — 78% of organisations say the cost of email breaches is increasing, and 74% say they are having a major turnover impact on their business. The third published the Cloud Threat Risk Report, and identifies 34+ million vulnerabilities across AWS, Azure and GCP, underlying the need for prioritisation of patching.
Security threat one: insider threats, report by Nucleus Cyber
According to Nucleus Cyber, the intelligent data-centric security company, not only are organisations seeing a dramatic increase of attacks from insiders, but 85% find it difficult to determine actual damage being caused, especially in cloud environments.
“Today’s most damaging security threats often do not originate from outsiders or malware, but from trusted insiders,” said Holger Schulze, CEO and Founder of Cybersecurity Insiders
It gathered from information security professionals in the 400,000-member Cybersecurity Insiders community and found that 70% of organisations are more frequently seeing insider attacks—with 60% experiencing one or more within the last 12 months—and 68% feeling “extremely to moderately” vulnerable to them.
Kurt Mueffelmann, CEO of Nucleus Cyber, said: “Security and IT teams’ attention is focused on hackers, but attacks from within are a significant threat to every industry.
The hidden truth about cyber crime: insider threats
Security threat two: email attacks, report by Barracuda
As for security threats relating to email, Cloud-enabled security solutions provider, Barracuda, produced a survey which included responses from 660 executives, individual contributors and team managers serving in IT-security roles in the Americas, EMEA, and APAC.
It found: 43% of organisations have been the victim of a spear-phishing attack in the past 12 months and more than three-quarters of organisations say their employees aren’t good at spotting suspicious emails.
There is another issue: it seems fears over email attacks are having a psychological impact too, and are damaging productivity. The survey found that no less than 38% of those questioned admit to worrying about email attacks outside of work hours and the same ratio blame email attacks for increased stress at work. A disappointed 16% have cancelled personal plans due to email attacks.
But 44% of respondents agreed that less than 10% of emails considered suspicious turn out to be fraudulent.
As for productivity, 81% spend 30 minutes or longer investigating each email attack, while 47% spend over an hour per attack.
The report also uncovered a finding that dovetailed with the Nucleus Cyber report, it said: “There are growing concerns about insider threats with Office 365.”
Finally, 39% of EMEA respondents reported damage to their organisation’s reputation over the past year, compared to the global average of 27%.
Stranger emails: rethinking anti-phishing solutions in the enterprise
Security threat three, cloud security incidents, report by Unit 42 (the Palo Alto Networks threat intelligence team).
Then for the third part in our trilogy of security threats, we turn to the cloud, with a report from Unit 42 (the Palo Alto Networks threat intelligence team).
Unit 42, has published the Cloud Threat Risk Report. Findings include 34+ million vulnerabilities across AWS, Azure and GCP, underlying the need for prioritisation of patching. It also discovered that more than 40,000 container platforms use default configurations exposed to the internet, allowing for identification using the simplest of search terms.
Perhaps, more worryingly still, it turns out that cloud complexity has become low hanging fruit, or so suggested the report. It said: “Over the last 18 months, 65% of reported incidents were due misconfigurations, leading to data leakage being the one outcome of attacks on cloud infrastructure.”
Finally, the report found that Malware is extending its reach to the cloud, with 28% of organisations communicating with malicious crypto-mining C2 domains operated by the threat group Rocke. Unit 42 has been closely tracking the group and noted the group’s unique tactics, techniques and procedures (TTPs), giving them the ability to disable and uninstall agent-based cloud security tools.
Cloud risk, cloud outages and cloud security — human error is the cause