Imperva researchers monitored an unprecedented 93 percent rise in the exposure of information through online data leakage attacks in 2020 - incidents where data was transmitted from an organisation’s corporate network to an external destination, whether accidentally or deliberately, without authorisation. It came at a time when organizations further evolved their traditional IT infrastructure into an ecosystem of APIs, microservices and hybrid or multi-cloud environments. Imperva’s researchers detected 883,865 data leakage attacks worldwide at the start of 2020; by December, that number had soared to more than 1.7 million. When considering that data leakage can also happen via physical means, for instance through lost or stolen devices or verbal communication, the final figure of all data leakage will be even higher.
The research from Imperva shows the number of data leakage incidents accelerated in the second half of 2020. Between Q3 2020 and Q4 2020, there was a 47 percent increase in information disclosure through data leakage attacks. In the healthcare industry alone, the single-day peak for data leakage attacks in early January 2021 – 9,008 – is higher than any day in 2020.
Imperva expects this trend to continue in 2021 as more organizations realize the impact of the record volume of attacks they faced over the past 12 months. At the same time, the risk of significant financial and reputational damage from data leakage attacks has risen exponentially. In April 2020, the UK’s Information Commissioner’s Office (ICO) began issuing fines for personal data breaches under GDPR rules. Since then, fines have increased more than 20-fold: from £1.515m in the 12 months previous, to £39.65m. In addition, data from the ICO shows that between November 2019 and October 2020:
Imperva believes this is just the tip of the iceberg, as accelerated digital transformation projects are likely to introduce even more data security risks in 2021.
“Data security should never be an afterthought – but sadly it often is, particularly when organisations prioritise speed over security. The rush to maintain business continuity in 2020 has accelerated change at such a pace that huge gaps now exist in process and protection around data,” said Chris Waynforth, AVP Northern Europe at Imperva. “It is naïve to think that it is only human access to data leads to compromise. Over 50% of access requests to databases are coming not from users, but application to application. Privileged Access Management (PAM) simply isn’t enough anymore. It’s why Database Activity Monitoring should be a key component of a successful approach to protecting against data leakage attacks.” Waynforth continued: “Additionally, more data now resides outside the traditional IT perimeter; often in hybrid and multi-cloud environments, which are outside of the security team’s purview. The challenge now is to take stock and close any gaps that may have been created, but many don’t know where to start, or that they even have a problem. This lack of focus on data security is likely to come home to roost in the year ahead, when data starts to show up across the dark web and customers are impacted.”
There are immediate actions organisations can take to protect their data:
“Data security has to be built in from the ground up as an essential part of any digital strategy,” concluded Chris Waynforth. “Causes of data leakage can be as simple as misconfiguring a database, failing to have the right controls in place, or lapses in policy, procedure and user education. Risk management needs to start with the data, taking an inside-out view to ensure it is protected at every stage of its lifecycle. Correctly applied, this not only helps to reduce accidental data leakage, but also help protect against malicious attacks and strengthen organisational security as a whole.”