Data breaches caused by un-configured servers

Incorrectly configured server infrastructure is often considered one of the most significant causes of data breaches in the IT industry. This kind of human error is usually unintentional, but it can have catastrophic consequences: it can expose sensitive personal information and potentially damage your company's reputation.

Data breaches have received a lot of news coverage, especially in recent years, and unfortunately the trend seems to be on the rise. Data is a precious resource, especially for hackers, who constantly rely on vulnerable systems.

It is difficult to provide accurate figures for data breaches that result directly from incorrectly configured servers. However, sources such as idtheftcenter.org suggest that there were around 1579 data breaches in the United States in 2017, of which 11% (about 174) were directly attributed to unauthorized access. Their evidence also suggests that corporate data breaches are increasing.

Data breaches are often the result of user error, typically when an operator mistakenly configures a platform or server in a way that lets an external entity gain access that should not be allowed. The number of breached data records is staggering. Any data breach can affect the personal details of millions of people.

With the proliferation of cloud computing, many companies choose to move their computing operations to the cloud. These systems often contain sensitive information that requires adequate protection. When a company chooses to make the leap to the cloud, important decisions must be made about the technical teams that will guide the transition and ensure the security of the cloud platform.

Data protection will always introduce a level of complexity for users during data access. If the transition team does not have the knowledge and understanding of a new cloud platform and security requirements, or if no formal training has been offered to teams, it is easy to see why an incorrect configuration can occur.

Cloud computing often simplifies the process of delivering IT services; however, it is essential that users understand the main security concepts of the chosen cloud provider. A single simple misconfiguration can open your server to remote access by anyone with an Internet connection, or expose your data in a similar way.

Many of the most prominent examples of data breaches caused by misconfiguration involve incorrectly protected cloud services. In October 2017, private customer information, certificates, 40,000 passwords and other sensitive customer data from Accenture was left open to public access in an improperly configured AWS S3 storage bucket. Essentially anyone on the Internet could have accessed the files as long as they knew the S3 bucket ID. Despite this, Accenture claimed that no third party gained unauthorized access.
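The kind of S3 exposure described above can be checked for offline. The following Python is an added example, not part of the original article: it assumes the bucket's policy, ACL grants and public access block settings have already been fetched as data shaped like the responses of the S3 GetBucketPolicy, GetBucketAcl and GetPublicAccessBlock calls, and the bucket name, account ID and owner ID in the sample are constructed.

```python
import json

PUBLIC_GROUPS = {  # ACL grantee URIs meaning "everyone" / "any AWS account holder"
    "http://acs.amazonaws.com/groups/global/AllUsers",
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers",
}

def as_list(value):
    return value if isinstance(value, list) else [value]

def is_wildcard_principal(principal):
    """True for "Principal": "*" and for {"AWS": "*"} or a list containing "*"."""
    aws = principal.get("AWS", []) if isinstance(principal, dict) else principal
    return "*" in as_list(aws)

def audit_bucket(policy_json, acl_grants, public_access_block):
    """Return findings for access that is effectively open to anyone."""
    pab = public_access_block or {}  # no block configured: every guard is off
    findings = []
    for grant in acl_grants:
        uri = grant.get("Grantee", {}).get("URI")
        # IgnorePublicAcls makes S3 disregard public grants even if present.
        if uri in PUBLIC_GROUPS and not pab.get("IgnorePublicAcls"):
            findings.append(f"ACL grants {grant['Permission']} to {uri.rsplit('/', 1)[-1]}")
    policy = json.loads(policy_json) if policy_json else {}
    for stmt in as_list(policy.get("Statement", [])):
        is_public = stmt.get("Effect") == "Allow" and is_wildcard_principal(stmt.get("Principal"))
        # RestrictPublicBuckets limits a public policy to the owning account.
        if is_public and not pab.get("RestrictPublicBuckets"):
            note = " (has Condition, review manually)" if stmt.get("Condition") else ""
            actions = ", ".join(as_list(stmt.get("Action", [])))
            findings.append(f"policy allows {actions} to any principal{note}")
    return findings

# Constructed sample input: public-read ACL plus a wildcard GetObject policy.
SAMPLE_ACL = [
    {"Grantee": {"Type": "CanonicalUser", "ID": "owner-id-placeholder"}, "Permission": "FULL_CONTROL"},
    {"Grantee": {"Type": "Group", "URI": "http://acs.amazonaws.com/groups/global/AllUsers"}, "Permission": "READ"},
]
SAMPLE_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Principal": "*", "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*"},
    {"Effect": "Allow", "Principal": {"AWS": "arn:aws:iam::111122223333:root"},
     "Action": "s3:PutObject", "Resource": "arn:aws:s3:::example-bucket/*"},
]})
LOCKED_DOWN = dict.fromkeys(["BlockPublicAcls", "IgnorePublicAcls", "BlockPublicPolicy", "RestrictPublicBuckets"], True)

if __name__ == "__main__":
    for label, pab in (("no public access block", None), ("all four settings on", LOCKED_DOWN)):
        print(label, "->", audit_bucket(SAMPLE_POLICY, SAMPLE_ACL, pab) or "no public exposure found")
```
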

Another high-profile example is Tesla, where hackers compromised several servers hosted on AWS S3 Compute nodes to mine bitcoin. The breach allowed unauthorized code to run within several Kubernetes instances in order to execute bitcoin mining scripts. This vast computing resource would have given the hackers considerable computing power for bitcoin mining, ultimately yielding income.

BJC Healthcare reported that an unsecured server was left open to Internet access between May 2017 and January 2018. It was reported that patient data including driver's licenses, insurance details and treatment records was stored on the server. Personal data such as names, addresses, telephone numbers and social security numbers was also vulnerable. BJC issued a statement saying that no data was accessible during the time the server was at risk.

These examples highlight organizations' lack of focus on protecting sensitive data services within the cloud. Other typical targets include the back ends of unprotected websites (such as WordPress or Apache consoles) and open, unencrypted NAS devices that listen for incoming Internet traffic.

Even SMB and FTP file servers are commonly targeted. The misconfiguration here often occurs when companies share data with customers and external parties. If an FTP server is not configured correctly, it is very easy to open the entire server to unauthorized file system access, potentially exposing sensitive data and allowing third parties to access each other's data.

Trusting your cloud service provider is an important decision when you choose to join the cloud revolution. Protecting data and IT services is one of the main reasons why companies choose to outsource this responsibility to a third-party managed service provider with the experience and expertise to get the security configuration right the first time.