Last week Digital Shadows announced the results of a report, Too Much Information, which found that over 1.5 Billion files were exposed through misconfigured services including: Amazon S3 buckets, rsync, SMB, FTP, NAS drives, and misconfigured websites.
According to the report:
“Organizations aren’t focusing enough security resources on understanding and mitigating risks associated with their external digital footprints and data that is already publicly-available. In a three-month period, Digital Shadows found over 12 petabytes of publicly available data from organizations around the world.”
Well, that’s terrifying…Let’s break it down some more to learn just how truly terrifying.
The United States Suffers the Most
Following the release of the report, Digital Shadows published a blog to examine and explain their findings, and the damage is astronomical! And according to the report, the United States has suffered the most.
“The amount of exposed data is staggering. Over twelve petabytes of data is exposed (12,000 terabytes). For context, this is over four thousand times larger than the “Panama Papers” leak (2.6 terabytes). It’s also 12 thousand times larger than the Deep Root exposure of 198 million voters in 2017. Almost all countries are affected, but the United States experienced the most exposure with 239,607,590 files.”
Geographical distribution of exposed data (Digital Shadows)
Let that sink in for a moment, because it’s about to get worse.
What type of data was exposed?
According to the report, personal information, intellectual property, and security assessments have all been made publicly available.
Are you still breathing?
The amount of data that has been leaked is scary enough, but to add that to the types of files that have been released is just unthinkable! But there it is.
For more perspective, here are some graphics pulled from the report to show just how bad the damage is:
Types of publicly-available personal information (Digital Shadows)
Types of publicly-available intellectual property (Digital Shadows)
Types of publicly-available security assessments (Digital Shadows)
Ready for some good news?
All of those services and buckets that have been compromised can easily be accessed through ownCloud and can be centrally managed and controlled. This gives users an extra layer of protection against attacks, keeping your data safe while others who have opted against using ownCloud may have been exposed.
Oh good, I can see you’ve stopped hyperventilating now.
That’s right you used ownCloud, so you made sure that your personal information couldn’t possibly be among those files!
ownCloud offers you Windows Network Drive integration for SMB and integrates with S3 buckets and other external storage services such as AWS, Dropbox, Google Drive, OneDrive, Box, etc. This allows IT to focus on ownCloud and the users to access files wherever and whenever they need them through one location. And with files classification and policies, as well as the File Firewall, you can take care that classified documents are not delivered to the outside.
In addition, ownCloud protects against most known ransomware and enables users to recover the affected data even in the case of a successful attack with the Ransomware Protection App. Remember WannaCry and Petya? Our users would be covered.
If you would like to learn more about how to protect your sensitive files from ransomware attacks, check out the recording of our recent webinar: Ransomware Protection with ownCloud.
