Η Digital Shadows, μια εταιρεία που ειδικεύεται στην ανάλυση του digital risk management και στη διερεύνηση απειλών των πληροφοριών. Η εταιρεία κυκλοφόρησε σήμερα μια έρευνα που σκιαγραφεί την τεράστια κλίμακα των διαρροών ευαίσθητων data businesses and consumers.
“The volume of data should be a major concern for everyone organization που έχει συνείδηση ασφάλειας και προστασίας της ιδιωτικής ζωής. Επιπλέον, με τη γρήγορη application of GDPR, θα υπάρχουν σαφείς ρυθμιστικές επιπτώσεις για κάθε οργανισμό που αποθηκεύει δεδομένα πολιτών της ΕΕ.”
During the duration των τριών πρώτων μηνών του 2018, οι ερευνητές της Digital Shadows ανίχνευσαν πάνω από 1,5 δισ. (1,550,447,111) διαθέσιμα αρχεία σε ανοικτά dupms υπηρεσιών: Amazon Simple Storage Service (S3), rsync, SMB servers, FTP servers, misconfigured sites and drives disk NAS (Network Attached Storage).
This number corresponds to over twelve petabytes (12.000 terabytes) of data. For those who didn't understand 12 peta of data is freely circulating on the Internet. To give you an idea of the magnitude, the number is over four thousand times the leak'Panama Papers’ που έφταναν τα 2,6 terabyte.
The most common data found to circulate were payroll records and tax returns (700.000 and 60.000 files respectively).
However, consumers are also at risk from report 14.687 incidents of patient information leakage. In one case, the data included information from points of sale, where transactions were recorded, and some credit card information.
Interestingly, though, although we would all expect most leaks to come from Amazon S3's incorrect settings, in the Digital Shadows study, service leaks account for only the 7% of the exposed data found.
On the contrary, services such as SMB (33 percent), rsync (28 percent) and FTP (26 percent) contributed to the largest information report. These technologies may be old, but they are still widely used.
The leaks also revealed very sensitive data, such as a patent summary for renewable energy that was described as "strictly confidential". Another example is a document containing a proprietary source that was submitted for copyright.
Rick Holland, head of the Digital Shadows Information Security, says:
"While we often try to respond to intruders who enter our environment and steal our data, we do not focus on our external digital fingerprints and data that is already available to the public through unsafe services."
Read the entire Digital Shadows survey, from here.
- Facebook: Beyond advertising you are the product
- DNS: how to find the fastest DNS resolvers for your system