Cyber Threat Countermeasures Center Innostage SOC CyberART studied information security incidents faced by Russian companies in the first half of 2024. The research revealed that almost half of the leaks and hacks were caused by employees accidentally publishing code containing sensitive information in public repositories. Such leaks can lead to theft of customer data, financial losses and damage to the company’s reputation.
Another common problem is vulnerabilities resulting from new services implemented without proper risk analysis. In 29% of cases, companies faced attacks through these vulnerabilities, which allowed attackers to access networks and conduct various cyberattacks. Additionally, 11% of cases involved the modification of web content, with hackers injecting malicious code into websites and applications to steal user data or steal money.
Additionally, around 9% of incidents involve fake domains used for phishing. Attackers register domains that appear to be legitimate in order to trick users into giving them personal information and money. In 1.6% of cases, the issues stem from configuration errors in network devices or exploitable software. And finally, 0.3% of cases involve data breaches that can lead to financial losses and legal issues.
Maxim Akimov from Innostage SOC CyberART emphasizes that most of the problems are related to the human factor. Statistics show that sensitive data is often located in public repositories and new services are implemented incorrectly. To avoid such problems, it is important to regularly audit IT resources and train employees.
Source: Ferra
I am a professional journalist and content creator with extensive experience writing for news websites. I currently work as an author at Gadget Onus, where I specialize in covering hot news topics. My written pieces have been published on some of the biggest media outlets around the world, including The Guardian and BBC News.