Increase in ransomware attacks and human error as main cause of cloud data breaches globally: Thales Data Threat Report
Thales announced the release of 2023 Thales Data Threat Report, its annual report on the latest data security threats, trends and emerging topics based on a survey of nearly 3000 IT and security professionals in 18 countries. This year’s report found an increase in ransomware attacks, and increased risks to sensitive data in the cloud.
Half of IT professionals surveyed in India believe that security threats are increasing in volume or severity with 52% reporting an increase in ransomware attacks. The figure from India is higher than the global figure of 47% of IT professionals believing that security threats are increasing in volume or severity, while 48% indicated an increase in ransomware attacks.
More than a third (38%) of respondents in India (37% globally) have experienced a data breach in the past 12 months, including 23% (22% globally) reporting that their organisation had been a victim of a ransomware attack.
Respondents identified their cloud assets and IoT devices as the biggest targets for cyber-attacks. 53% of respondents in India said that their IoT devices were the biggest targets, followed by Cloud-based storage (41%) and Cloud delivered applications (SaaS) (40%). At the global level, 28% respondents said SaaS apps and cloud-based storage were the biggest targets, followed by cloud-hosted applications (26%) and cloud infrastructure management (25%). The increase in cloud exploitation and attacks is directly due to the increase in workloads moving to the cloud as 75% of respondents globally said 40% of data stored in the cloud is now classified as sensitive compared to 49% of respondents in 2022.
These are just a few of the key insights from the 2023 Thales Data Threat Report, conducted by 451 Research, which surveyed both private and public sector organisations. It reveals how businesses are responding and planning their data security strategies and practices in light of a changing threat landscape and the progress they are making to address threats.
Human error and the impact of ransomware
Simple human error, misconfiguration or other mistakes can accidentally lead to breaches – and respondents identified this as the leading cause of cloud data breaches. For those organisations that have suffered a data breach in the past 12 months, misconfiguration or human error was the primary cause identified by 52% of respondents in India and 55% globally. This was followed by the exploitation of a known vulnerability (21% in India as well as globally), and of a zero day / previously unknown vulnerability (21% in India and 13% globally). The report finds that identity and access management (IAM) is the best defence, with 28% of respondents globally identifying it as the most effective tool to mitigate these risks.
Meanwhile, the severity of ransomware attacks appears to be declining, with 35% of 2023 respondents globally reporting that ransomware had a significant impact compared to 44% of respondents reporting similar levels of impact in 2022. The global spend is moving in the right direction too, with 61% reporting (in India and globally) they would shift or add a budget for ransomware tools to prevent future attacks – up from global figure of 57% in 2022 – yet organisational responses to ransomware remain inconsistent. Only 48% of enterprises in India (nearly same as 49% globally) reported having a formal ransomware response plan, while 82% (67% globally) still report data loss from ransomware attacks.
Addressing the challenges of digital sovereignty
Digital sovereignty is becoming more top of mind for data privacy and security teams. Overall, the report found that data sovereignty remains both a short- and long-term challenge for enterprises. 82% (nearly same as 83% globally) expressed concerns over data sovereignty, and 44% (55% globally) agreed that data privacy and compliance in the cloud has become more difficult, likely due to emergence of requirements around digital sovereignty.
Emerging threats from quantum computers that could attack classical encryption schemes are also a cause for concern for organisations. The report found that Harvest Now, Decrypt Later (“HNDL”) and future network decryption were the greatest security concerns globally from quantum computing – with 62% and 55% reporting concerns respectively. While Post Quantum Cryptography (PQC) has emerged as a discipline to counter these threats, the report found that 62% of organisations globally have five or more key management systems, presenting a challenge for PQC and crypto agility.
Ashish Saraf, VP and Country Director, Thales – India, comments: “Enterprises continue to see a serious threat landscape in India and globally. The findings of our report indicate good progress is being made in certain areas, including Multi-Factor Authentication adoption and increased use of data encryption. However, there is still a lot of security gaps regarding data visibility. In an increasingly cloud-first world, where cloud based storage is being perceived in India as one of the biggest target for cyber-attacks by the report, organisations must maintain better control over their data so they can serve their stakeholders with greater safety and trust. With half of the organisations surveyed in India observing an increase in cyber-attacks, businesses need to focus on implementing robust security measures to protect against.”