Badly Configured Networks Cause Most Data Breaches

IT and network managers beware: a survey of ‘hacking habits’ from security lifecycle management specialist Tufin Technologies has identified that badly configured networks are the main cause of security breaches.

The annual survey was conducted at the DEF CON 18 conference in Las Vegas last month among 100 security professionals, more than half of whom work in corporate IT. Nearly three quarters said they came across a misconfigured network more than 75 percent of the time – which, according to 76 percent of the sample, was the easiest IT resource to exploit.

Sloppy Setups?

According to the survey, 58 percent of respondents blamed IT personnel for the misconfiguration, because they did not know what to look for when assessing the status of their network configurations.

“The really big question coming out of the survey is how to manage the risk that organisations run dealing with the complexity that is part and parcel of any medium-to-large sized company’s security operations,” said Reuven Harrison, Chief Technology Officer and Co-Founder at Tufin.

Eighteen percent of respondents believe misconfigured networks are the result of insufficient time or money for audits (highlighted in a previous Tufin survey), but 14 percent felt that compliance audits that don’t always capture security best practices are also a factor. Meanwhile, 11 percent felt that threat vectors that change faster than they can be addressed, play a pivoltal role.

Harrison believes that automating configuration and security management is the best way to solve this problem.

“When you factor in the issue that 60 percent of the DEF CON 18 respondents said they had a day job in the corporate world, it’s clear that IT managers need to address the security shortcomings of their networks by remediating the network misconfiguration issue,” said Harrison. “Only by configuring their network resources correctly can companies hope to beat these security issues,” he added.

Insider Threat

Interestingly, 75 percent of respondents called themselves hackers, and 48 percent admitted that planting a rogue member of staff inside a company was one of the most successful hacking methodologies.

“This realisation is made worse when you consider that 57 percent of the security professionals we surveyed classified themselves as a black or grey hat hacker, and 68 percent of respondents admitted hacking just for fun,” Harrison said. “With networks so easily penetrated, it’s no surprise that 88 percent believe the biggest threat to organisations lies inside the firewall.”

Ongoing Problem

The problem of security breaches is a well documented problem facing many of today’s IT managers. And even government departments are not immune. Last week, the US Deputy Defence Secretary William J. Lynn III revealed that in 2008 a flash drive believed to have been infected by a foreign intelligence agency uploaded malicious code onto a network run by the American military’s Central Command.

And it seems that the healthcare industry is the most vulnerable to data breaches. In early August a survey of American organisations found that, like in the UK, the healthcare industry suffers the most data breaches.

In the UK, the Information Commissioner’s Office (ICO) has been coming down hard on institutions responsible for data breaches, but is yet to issue a fine.