55% of organisations reported data breach in which the cloud provider’s account credentials were stolen and 44% found that attacks were caused by misconfigurations in open ports
About 93% of Indian organizations suffered cyberattacks in the last 12 months, a survey by cybersecurity firm Sophos has found.
Conducted in January and February, the survey that covered 227 Indian organizations, showed 55% of organisations reported data breach in which the cloud provider’s account credentials were stolen and 44% found that attacks were caused by misconfigurations in open ports.
Compared to global counterparts, Indian organisations witnessed most security incidents in the cloud while Europe saw the least. The improved security posture in Europe can be attributed to the compliance with General Data Protection Regulation (GDPR) guidelines, implemented in 2018.
India is yet to roll out its data protection law. The Personal Data Protection Bill was introduced in Parliament in December.
The survey shows that ransomwares accounted for the highest number of attacks (53%) on public cloud, followed by other malwares (49%), compromised accounts (48%), and cryptojacking (36%) attempts.
“Ransomware is one of the most widely reported cybercrimes in the public cloud. The most successful ransomware attacks include data in the public cloud and attackers are shifting their methods to target cloud environments that cripple necessary infrastructure and increase the likelihood of payment,” Chester Wisniewski, principal research scientist, Sophos said in a statement.
Misconfiguration of open ports is a big problem and can expose organisations to denial of service attacks. All communication over the Internet are facilitated through communication endpoints called ports. An open port can be a risk if the service listening on the port is misconfigured or vulnerable to exploits. According to security experts, ports should be open on a need basis and should be frequently monitored.
Despite all these risks, only 29% feel that managing access to cloud accounts is priority. Sophos cloud Optix data shows that 98% of global organisations have multi-factor authentication disabled on their cloud provider accounts.
A key takeaway from the survey was that the respondents unanimously admitted that they were concerned about their current level of cloud security. Detection and response is the top cloud security concern for IT managers. However, 55% organisations see it as a shared responsibility between them and their cloud services providers.