*Experts say the huge data breaches are a remarkable indication of how large the threat is from cyber intrusion, and a reminder that behind every data record exposed to attacks, there is an individual who could be put at risk of fraud

Gbenga Kayode | ConsumerConnect

Experts have disclosed that cyber breaches have become more frequent as the potential bounties for those launching attacks increased in recent times.

But just how frequent, and how costly, those attacks and breaches are are rarely considered on a grand scale until now, CyberNews report said.

It was learnt Cyber exposure company Tenable has audited the scale and scope of data breaches and exposures throughout the course of 2021.

The findings indicated how enormous the danger is.

The report stated that at least 40,417,167,937 records were exposed worldwide in 2021, as calculated by Tenable’s Security Response Team’s analysis of 1,825 breach data incidents publicly disclosed between November 2020 and October 2021.

The number is a considerable increase on the same period in 2020, which saw 730 publicly disclosed events with just over 22 billion records exposed, says Tenable.

It’s a remarkable indication of how large the threat is from cyber intrusion – and a reminder that behind every data record exposed, there’s an individual who could be put at risk of fraud.

An unprecedented scale

While the analysis of the data is by its very nature not fully transparent because the volume and type of data exposed are not always clear, however, there are some indications of the scale of the problem, said the report.

Over 260 terabytes were stolen as a result of the data breaches. When it comes to calculating the number of files, documents, or emails breached, the number is over 1.8 billion files.

Delving deeper into the data, Tenable managed to look at how many times data breaches were linked to a specific root cause.

Approximately 38 percent of all breaches analysed were the result of a ransomware attack, up from 35 percent in 2020.

Tenable reported: “Dozens of groups, like REvil, Conti, DarkSide, and more, dominated the headlines and continued to wreak havoc across a wide range of industries.”

A quarter of the data breaches in 2021 had an unknown root cause, up slightly from 2020.

In 2021, there were 21,957 new CVEs assigned from January to November, a 20% increase over 2020, according to Tenable.

There were also 105 zero-day vulnerabilities disclosed, a 262% increase over the 29 zero-days in 2020. Tenable also tracked data breaches: 1,825 occurred in the 12 months from October 2020 to October 2021.

These metrics all represent upticks from 2020’s data, the company claims.

Practical measures to fix things

Against the backdrop of such high risks involved, experts say it can be difficult to steer clear of any danger while online.

Nonetheless, there are some things that individuals and businesses can do to try and stop the risks of their information being breached and appearing online in an illicit marketplace.

Claire Tills, Senior Research Engineer at Tenable said: “Migration to cloud platforms, reliance on managed service providers, software and infrastructure as a service have all changed how organisations must think about and secure the perimeter.”

It is also noted that Tills’s advice for businesses is clear: “Modern security leaders and practitioners must think more holistically about the attack paths that exist within their networks, and how they can efficiently disrupt them.

“By examining threat actor behaviour, we can understand which attack paths are the most fruitful and leverage these insights to define an effective security strategy.”