Not all cyber threats are malicious, but rather the result of human error combined with vulnerable network security architecture.
- On August 2017, a misconfigured cloud-based file at a third-party vendor exposed the names, addresses, account details, and account personal identification numbers (PINs) of as many as 14 million customers of a major U.S. telecommunications company.(1)
- Hundreds of mistakenly unprotected Kubemetes administration consoles for managing containerized workloads and services were cryptojacked at a car manufacturer, and the hackers began running cryptomining scripts in the company’s cloud environment.(2)
- An unsecured, open S3 server at an international package-forwarding service led to the exposure of 116,000 scanned documents, including passports, driver’s licenses, security IDs, and more. The company had not configured their user permissions and access control privileges correctly.(3)
Exposure like this are increasingly common due to misconfigurations to cloud-based data stores and improper permissions. Given the frequency of such incidents, organizations are searching for solutions that can help them reduce their cyber-attack surface.
At the same time, the use of software-defined infrastructure (SDI) is on the rise. When implemented and managed properly, cloud-based architectures can offer even greater security, in addition to the scalability and efficiency companies require for digital enablement. But implementation mistakes and poor management can have organizations exposed.
To learn more about the advantages to software defined-Infrastructure and SDI’s positive impact on cyber security and how to protect your clients please click on the link below.
(1) Data Leaks, Cyber Risk, and CSTAR, upGauard, 2017
(2) Leasing from the Cryptojacking Attack at Tesla, Redlock February 20, 2018
(3) Leaked FedEx customer data was stored on Amazon S3 server with no password, TechRepublic, February 15, 2018