Manufacturing firms leave millions of files exposed - Varonis report
Varonis’ 2021 Manufacturing Data Risk Report suggests that many organisations are not prepared for a disruptive attack on their businesses, and many still leave potentially sensitive data at risk of exposure.
The report was compiled from four billion files located across 50 organisations within the industrial manufacturing and engineering sectors.
The report found that the average worker has access to 27,000 files, and 40% of organisations leave more than 1,000 sensitive files open to every single employee.
The report states, “On average, every employee has access to over 6 million files — nearly one out of every five files — on their first day on the job. For large companies, that number doubles — at firms with more than 1,500 workers, employees can access over 12 million files.”
Further, 32% of organisations have between 500 and 1,500 passwords that don’t expire, and 24% have more than 1,500. These issues are amplified by the number of ‘ghost’ or inactive users: 56% have fewer than 1,000 ghost users, but a large percentage (36%) have between 1,000 and 10,000 ghost users, and 8% have more than 10,000 ghost users.
The report found that 78% of all sensitive data is stale (that is, it could be archived or deleted), and much of this data is exposed to the public. The report notes that organisations left nearly 10,000 exposed folders per terabyte of data open for anyone to access.
More than half of organisations also have more than 500 passwords that never expire.
The report notes, “Inactive, but enabled, privileged admin accounts with passwords that never expire are one of the best gifts you can give cybercriminals. These often overlooked vulnerabilities are difficult to detect and root out without proper visibility into your environment.”
If a breach occurs, it could take up to 220 days to contain, costing an average loss of US$5 million.
Varonis technical director Matt Lock comments, “Manufacturers hold sensitive, and incredibly valuable data that put them at risk. And as we saw with WannaCry, DarkSide and so many other attacks, ransomware can stop production lines and halt businesses. All too often, information is overexposed and under protected. To limit the damage attackers can do, you must reduce your blast radius.”
Lock says, “Companies need to ask themselves three questions to better prepare for an attack: Do you know where your important data is stored? Do you know that only the right people have access to it? Do you know that they’re using data correctly? If you don’t know the answers to these three questions, you won’t be able to identify the early stages of a cyber attack.”