Human error responsible for most data breaches on Cloud: IBM
San Francisco: Although the number of data breaches dropped by nearly 25 per cent in 2017, Cloud-related cyber attacks saw a significant 424 per cent jump largely owing to human error, a report by technology giant IBM said on Thursday.
According to the report by IBM Security titled "2018 IBM X-Force Threat Intelligence Index", "As cybercriminals shifted their focus on launching ransomware and destructive attacks, more than 2.9 billion records were reportedly breached last year, which is down from four billion disclosed in 2016."
"Last year, there was a clear focus by criminals to lock or delete data, not just steal it, through ransomware attacks," Wendi Whitmore, Global Lead, IBM X-Force Incident Response and Intelligence Services (IRIS), said in a statement.
"These attacks are not quantified by records breached, but have proven to be just as, if not more, costly to organiations than a traditional data breach," Whitmore added.
The findings showed that inadvertent activity such as misconfigured Cloud infrastructure was responsible for the exposure of nearly 70 per cent of compromised records tracked by IBM X-Force that runs spam traps globally and monitors cyber attacks daily.
Ransomware reigned in 2017 as attacks such as WannaCry, NotPetya and Bad Rabbit hit several industries.
The report also said that for the second year in a row, the Banking, Financial services and Insurance (BFSI) industry suffered the most cyberattacks against it, accounting for 27 per cent of attacks across all industries.
In 2017, it fell to the third-most attacked (17 per cent) -- behind Information and Communications Technology (33 per cent) and Manufacturing (18 per cent) -- yet saw the most security incidents (27 per cent) those requiring further investigation as compared to other industries.
Overall, ransomware incidents have cost organisations more than $8 billion in 2017 as cyber criminals launched debilitating attacks that were focused on locking critical data instead of compromising stored records.