Log in
E-mail
Password
Show password
Remember
Forgot password ?
Become a member for free
Sign up
Sign up
New member
Sign up for FREE
New customer
Discover our services
Settings
Settings
Dynamic quotes 
OFFON

INTERNATIONAL BUSINESS MACHINES CORPORATION

(IBM)
  Report
SummaryQuotesChartsNewsRatingsCalendarCompanyFinancialsConsensusRevisions 
SummaryMost relevantAll NewsAnalyst Reco.Other languagesPress ReleasesOfficial PublicationsSector newsMarketScreener Strategies

X-Force Report: No Shortage of Resources Aimed at Hacking Cloud Environments

09/15/2021 | 09:52am EDT

As cybercriminals remain steadfast in their pursuit of unsuspecting ways to infiltrate today's businesses, a new report by IBM Security X-Force highlights the top tactics of cybercriminals, the open doors users are leaving for them and the burgeoning marketplace for stolen cloud resources on the dark web. The big takeaway from the data is businesses still control their own destiny when it comes to cloud security. Misconfigurations across applications, databases and policies could have stopped two-thirds of breached cloud environments observed by IBM in this year's report.

IBM's 2021 X-Force Cloud Security Threat Landscape Report has expanded from the 2020 report with new and more robust data, spanning Q2 2020 through Q2 2021. Data sets we used include dark web analysis, IBM Security X-Force Red penetration testing data, IBM Security Services metrics, X-Force Incident Response analysis and X-Force Threat Intelligence research. This expanded dataset gave us an unprecedented view across the whole technology estate to make connections for improving security. Here are some quick highlights:

  • Configure it Out - Two out of three breached cloud environments studied were caused by improperly configured Application Programming Interface (APIs). X-Force incident responders also observed virtual machines with default security settings that were erroneously exposed to the Internet, including misconfigured platforms and insufficiently enforced network controls.
  • Rulebreakers Lead to Compromise - X-Force Red found password and policy violations in the vast majority of cloud penetration tests conducted over the past year. The team also observed a significant growth in the severity of vulnerabilities in cloud-deployed applications, while the number of disclosed vulnerabilities in cloud-deployed applications rocketed 150% over the last five years.
  • Automatic for the Cybercriminals - With nearly 30,000 compromised cloud accounts for sale at bargain prices on dark web marketplaces and Remote Desktop Protocol accounting for 70% of cloud resources for sale, cybercriminals have turnkey options to further automate their access to cloud environments.
  • All Eyes on Ransomware & Cryptomining - Cryptominers and ransomware remain the top dropped malware into cloud environments, accounting for over 50% of detected system compromises, based on the data analyzed.
Download the report

Modernization Is the New Firewall

More and more businesses are recognizing the business value of hybrid cloud and distributing their data across a diverse infrastructure. In fact, the 2021 Cost of a Data Breach Report revealed that breached organizations implementing a primarily public or private cloud approach suffered approximately $1 million more in breach costs than organizations with a hybrid cloud approach.

With businesses seeking heterogeneous environments to distribute their workloads and better control where their most critical data is stored, modernization of those applications is becoming a point of control for security. The report is putting a spotlight on security policies that don't encompass the cloud, increasing the security risks businesses are facing in disconnected environments. Here are a few examples:

  • The Perfect Pivot - As enterprises struggle to monitor and detect cloud threats, cloud environments today. This has contributed to threat actors pivoting from on-premise into cloud environments, making this one of the most frequently observed infection vectors targeting cloud environments - accounting for 23% of incidents IBM responded to in 2020.
  • API Exposure - Another top infection vector we identified was improperly configured assets. Two-thirds of studied incidents involved improperly configured APIs. APIs lacking authentication controls can allow anyone, including threat actors, access to potentially sensitive information. On the other side, APIs being granted access to too much data can also result in inadvertent disclosures.

Many businesses don't have the same level of confidence and expertise when configuring security controls in cloud computing environments compared to on-premise, which leads to a fragmented and more complex security environment that is tough to manage. Organizations need to manage their distributed infrastructure as one single environment to eliminate complexity and achieve better network visibility from cloud to edge and back. By modernizing their mission critical workloads, not only will security teams achieve speedier data recovery, but they will also gain a vastly more holistic pool of insights around threats to their organization that can inform and accelerate their response.

Trust That Attackers Will Succeed & Hold the Line

Evidence is mounting every day that the perimeter has been obliterated and the findings in the report just add to that corpus of data. That is why taking a zero trust approach is growing in popularity and urgency. It removes the element of surprise and allows security teams to get ahead of any lack of preparedness to respond. By applying this framework, organizations can better protect their hybrid cloud infrastructure, enabling them to control all access to their environments and to monitor cloud activity and proper configurations. This way organizations can go on offense with their defense, uncovering risky behaviors and enforcing privacy regulation controls and least privilege access. Here's some of the evidence derived from the report:

  • Powerless Policy - Our research suggests that two-thirds of studied breaches into cloud environments would have likely been prevented by more robust hardening of systems, such as properly implementing security policies and patching.
  • Lurking in the Shadows - 'Shadow IT', cloud instances or resources that have not gone through an organization's official channels, indicate that many organizations aren't meeting today's baseline security standards. In fact, X-Force estimates the use of shadow IT contributed to over 50% of studied data exposures.
  • Password is 'admin 1' - The report illustrates X-Force Red data accumulated over the last year, revealing that the vast majority of the team's penetration tests into various cloud environments found issues with either passwords or policy adherence.

The recycling use of these attack vectors emphasizes that threat actors are repetitively relying on human error for a way into the organization. It's imperative that businesses and security teams operate with the assumption of compromise to hold the line.

Dark Web Flea Markets Selling Cloud Access

Cloud resources are providing an excess of corporate footholds to cyber actors, drawing attention to the tens of thousands of cloud accounts available for sale on illicit marketplaces at a bargain. The report reveals that nearly 30,000 compromised cloud accounts are on display on the dark web, with sales offers that range from a few dollars to over $15,000 (depending on geography, amount of credit on the account and level of account access) and enticing refund policies to sway buyers' purchasing power.

But that's not the only cloud 'tool' for sale on dark web markets with our analysis highlighting that Remote Desktop Protocol (RDP) accounts for more than 70% of cloud resources for sale - a remote access method that greatly exceeds any other vector being marketed. While illicit marketplaces are the optimal shopping grounds for threat actors in need of cloud hacks, concerning us the most is a persistent pattern in which weak security controls and protocols - preventable forms of vulnerability - are repeatedly exploited for illicit access.

To read our comprehensive findings and learn about detailed actions organizations can take to protect their cloud environments, review our 2021 X-Force Cloud Security Threat Landscape here.

Want to hear from an expert? Schedule a consultation with an X-Force team member and register for our cloud security webinar to learn more.

Disclaimer

IBM - International Business Machines Corporation published this content on 15 September 2021 and is solely responsible for the information contained therein. Distributed by Public, unedited and unaltered, on 15 September 2021 13:51:00 UTC.


© Publicnow 2021
All news about INTERNATIONAL BUSINESS MACHINES CORPORATION
04:24pINTERNATIONAL BUSINESS MACHINES : Amendments to Articles of Incorporation/Bylaws/Change in..
PU
04:23pINTERNATIONAL BUSINESS MACHINES CORP : Amendments to Articles of Inc. or Bylaws; Change in..
AQ
01:35pINTERNATIONAL BUSINESS MACHINES : Study says tech firms underreport their carbon footprint
AQ
10:13aWALL STREET STOCK EXCHANGE : Nasdaq takes a hit from Intel and Snap
08:00aANALYST RECOMMENDATIONS : Ally Financial, Intel, Las Vegas Sands, Tesla, Verizon...
10/21S&P 500 Notches Record Close Thursday as IBM Stalls Dow
MT
10/21CLOSE UPDATE : S&P 500 Notches Record Close Thursday as IBM Stalls Dow
MT
10/21IBM, Las Vegas Sands fall; Crocs, AutoNation rise
AQ
10/21INTERNATIONAL BUSINESS MACHINES : Prepared Remarks of Earnings Presentation on October 20,..
PU
10/21INTERNATIONAL BUSINESS MACHINES CORP : Regulation FD Disclosure, Financial Statements and ..
AQ
More news
Analyst Recommendations on INTERNATIONAL BUSINESS MACHINES CORPORATION
More recommendations
Financials (USD)
Sales 2021 74 691 M - -
Net income 2021 5 526 M - -
Net Debt 2021 46 811 M - -
P/E ratio 2021 23,2x
Yield 2021 5,14%
Capitalization 115 B 115 B -
EV / Sales 2021 2,16x
EV / Sales 2022 2,09x
Nbr of Employees 345 900
Free-Float 39,8%
Chart INTERNATIONAL BUSINESS MACHINES CORPORATION
Duration : Period :
International Business Machines Corporation Technical Analysis Chart | MarketScreener
Full-screen chart
Technical analysis trends INTERNATIONAL BUSINESS MACHINES CORPORATION
Short TermMid-TermLong Term
TrendsBearishBearishNeutral
Income Statement Evolution
Consensus
Sell
Buy
Mean consensus OUTPERFORM
Number of Analysts 16
Last Close Price 127,88 $
Average target price 150,50 $
Spread / Average Target 17,7%
EPS Revisions
Managers and Directors
Arvind Krishna Chairman & Chief Executive Officer
James J. Kavanaugh Chief Financial Officer & Senior VP-Operations
Juan Antonio Zufiria Senior VP-Global Technology Services
Kathryn W. Guarini Chief Information Officer
Michael L. Eskew Lead Independent Director
Sector and Competitors
1st jan.Capi. (M$)
INTERNATIONAL BUSINESS MACHINES CORPORATION12.73%115 025
ACCENTURE PLC32.89%219 255
TATA CONSULTANCY SERVICES LTD.23.40%174 585
SNOWFLAKE INC.21.55%102 923
INFOSYS LIMITED39.64%98 189
AUTOMATIC DATA PROCESSING, INC.20.91%90 763