This week’s Knowledge Update talks about Amazon Web Services Cloud Storage being left open to the public, Two billion files being leaked in US Data breach in 2017 and spam is being decreased whereas phishing is being increased.
Amazon Web Services (AWS) Cloud storage was left open to the public with no password security.
Personal information of thousands of FedEx customers worldwide has been exposed, after a legacy version of Amazon Web Services Cloud storage was left open to the public with no password protection.
Researchers at Kromtech Security Center had stumbled upon the AWS S3 bucket, finding that it had contained more than 119,000 scanned documents, which included passports, drivers’ licenses and Applications for Mail Delivery, through agent forms that contained names, addresses, phone numbers and Zip Codes.
There were victims all around the world in countries such as Australia, Canada, China and even EU countries.
It is recommended that all default passwords should be changed and that updates should be applied regularly to devices. Information on what makes a strong password can be found here.
Two Billion files leaked in US Data breach in 2017.
Around 2 billion files that contained the personal data of US citizens were leaked last year. According to research from Citrix ShareFile, in 2017 there were a total of 551 breaches that affected organisations who had over 1.9 billion files leaked.
Using the data that was collected from the Privacy Rights Clearinghouse and the 2017 Cost of Data Breach study by the Ponemon Institute, in partnership with IBM Security, the analysis had found that malicious hacking was the most common type of breach in 2017, causing 819 million files to be exposed.
It is recommended that password policies should be implemented on all devices that contain rules for password length and password complexity as well as providing training for staff to avoid any intentional/unintentional data breach or exploitation. Implementing encryption and digital signatures across your business will secure your sensitive data and reduce phishing attacks. For more information contact firstname.lastname@example.org or visit here.
In 2017, The amount of Spam was decreased but the amount of Phishing attacks has been increased.
The average amount of spam in 2017 decreased to roughly 57%, which is roughly 1% less than the amount of spam that was received in 2016. However, the amount of phishing attacks and emails has been increased.
According to Kaspersky Lab’s Spam and Phishing in 2017 report, spammers and attackers tend to become thoughtful ‘Online Actors’ – creating the perfect emails. The spammers would instantly start to monitor global issues and major events worldwide with one main objective and purpose – to capture and capitalize on their victim’s attention.
Implementing DMARC, Encryption and Digital Signatures across your business will secure your sensitive data and reduce phishing attacks. More information on implementing DMARC can be found here or contact the London Digital Security Centre for more information here.