IBM’s Cost of a Data Breach Report 2021 analyzed 537 real breaches and conducted nearly 3,500 interviews to uncover the true cost of a data breach in 2020. The publication covers initial attack vectors, how long it took organizations to discover and contain braces, as well as the effects that incident response efforts and artificial intelligence have on mitigating breach costs.

Every breach starts as a compromise that goes unnoticed and unactioned, often because existing security devices have too many events, too little context and cannot prioritize. Providing these systems with threat intelligence is the lowest cost and most effective way to improve contextualization and blocking of new attacks.

Indicators of compromise are the red flags of the information security world. These helpful warnings allow trained professionals to recognize when a system may be under attack or if the attack has already taken place, providing a way to respond to protect information from extraction. There are many indicators of compromise, depending on the type of threat.

Hackers have gained access to the personal data of 50m T-Mobile customers. Cybercriminals are reportedly offering access to some of the data in return for a fee of 6 bitcoin, or $270,000. The cause of the breach is unclear, but this follows a string of breaches for T-Mobile in recent years, after an incident in December 2020 that leaked the call records of around 200,000 customers.

Below is a pie chart representing the percentage contribution of each data breach victim to the 57 largest data breaches of all time. CAM4 covers the majority of the pie, accounting for almost 50% of all compromised records. If the CAM4 breach is disregarded, the impacts of the other breaches can be better appreciated. The pie chart below represents this updated distribution. Now, it becomes clearer that LinkedIn accounts for the majority of compromised social media records.

In a never-ending game of cat and mouse, threat actors are exploiting, controlling and maintaining persistent access in compromised cloud infrastructure. While cloud practitioners are armed with best-in-class knowledge, support, and security practices, it is statistically impossible to have a common security posture for all cloud instances worldwide. Attackers know this, and use it to their advantage. By applying evolved tactics, techniques and procedures (TTPs), attackers are exploiting edge cases.