CybelAngel: Cloud Storage leaks grew by 150% in 2021

Tooday CybelAngel published in-depth original research revealing that data leaks and shadow assets are the greatest source of exposure to cyberattacks

CybelAngel, a digital risk protection company, today published in-depth original research revealing that data leaks and shadow assets are the greatest source of exposure to cyber attacks faced by large organisations across the globe. The report also highlights how the market pressures of 2021 led to an increase of such risks, with cloud storage leaks increasing by 150% compared to 2020.    

Based on data from a sample group of customers, the research report: 'A Year in Proactive Cybersecurity', reveals that data leak incidents increased, overall, by 63 per cent and vulnerable shadow assets exposure grew by 40 per cent in 2021. This is evidence of organisations’ ever-increasing digital footprint and the expanding attack surface of today's connected enterprises.    

Source code data leaks rise by two-thirds between 2020 and 2021 

Labour shortages among developers led to greater outsourcing of development projects, with 86 per cent of hiring managers and technical recruiters now finding it a challenge to hire developers. At the same time, the acceleration of digital transformation meant that more development projects were needed, with a 47 per cent increase in new public repositories created on GitHub between 2020 and 2021.   

The increase in outsourced development projects led to a 66 per cent increase in source code leaks. The final quarter of 2021 saw a massive 117 per cent jump in the number of GitHub incident reports sent to CybelAngel’s sample group of customers, compared to the previous quarter.  

Increase in ‘major risks’ from credentials leaks 

The digital risks caused by exposed credentials continued to plague cybersecurity, including account takeover, credential stuffing, network infiltration, and ransomware attacks. In the sample group of companies, exposed credentials accounted for 25 per cent of all incident reports sent. One of the most significant findings was that the severity of exposed credential incidents has changed dramatically with a 50 per cent increase in the number of ‘major‘ incidents, defined as those having the potential to interrupt business operations as a result of account takeover.   

Cloud storage leaks grow 150% year-on-year  

As digital transformation continued following the work-at-home revolution, incidents of cloud storage leaking proprietary data, or confidential information, grew by 150 per cent year-over-year.   

40% growth in shadow IT incidents in H2 2021    

With the increasing prevalence in cloud adoption, and the ease with which applications and services can be used without the sanction of IT departments, the number of vulnerable shadow assets grew  by 40 per cent over H2 2021. 17 per cent of shadow asset incidents sent to CybelAngel customers across 2021 were rated ‘major’ or ‘critical’.  

Commenting on the findings, Pauline Losson, Cyber Operations Director at CybelAngel and Head Researcher on the report said:  “The report pulls into sharp focus the security impact of digital risks that have occurred following the seismic changes in the world of work. 

"The huge growth in cloud adoption and organisations’ increasing reliance on outsourcing development work means that all risks are, in effect, moving to the cloud. The idea of securing the perimeter is no longer tenable. Organisations are facing systemic cyber risks, driven by sophisticated criminal groups exploiting the fact that external threats are reaching a level of unavoidable risk.  

"The good news for organisations is that, if dealt with early, each of the threats identified in the report can be remediated relatively quickly and at low cost. The key is visibility and speed in order to locate all exposed assets pertaining to an organisation’s attack surface before they are breached by malicious actors. As risks change each day, organisations need to be ready to respond through continuous monitoring."  

Share

Featured Articles

CTO at Passbolt explains the importance of password managers

Remy Bertot, CTO at Passbolt, spoke to Cyber Magazine to discuss the growing importance of password managers and keeping businesses' data secure

Nord Security raises US$100mn at US$1.6bn valuation

Nord Security has raised US$100mn at a valuation of US$1.6bn and plans to use the funds to hire more staff, invest in research and expand its product suite

Who is Mandiant, Google’s latest cyber security acquisition?

Cybersecurity firm Mandiant, has entered into a definitive agreement to be acquired by Google in an all-cash transaction valued at approximately US$5.4bn

SpyCloud finds the rate of password reuse continues to rise

Cyber Security

Logicalis: Offering real-time cyber threat response

Cyber Security

Top 100 Leaders announced at Technology, AI & Cyber Live

Technology & AI