More than two billion files exposed across SMB-enabled file shares, misconfigured network-attached storage (NAS) devices, FTP and rsync servers and Amazon S3 buckets were found in the "Too Much Information: The Sequel" report by Digital Shadows. That is 750 million more than last year, the report says.
Key findings include:
- The United States continued to expose the highest amount of data (over 326 million files), though France and Japan are the leaders in their geographies, with 151 million and 77 million files exposed, respectively.
- Similar to last year, the Server Message Block (SMB) protocol exposed the highest amount of data among the technologies analyzed. File Transfer Protocol (FTP) and rsync servers accounted for 20 percent and 16 percent of the exposure detected, respectively.
- Threat actors are actively attempting to exploit this exposure. More than 17 million files across these online file stores, which are often used for backing up data, had been encrypted by ransomware, 2 million of which belonged to the NamPoHyu ransomware, a variant of the MegaLocker strain.
- Amazon introduced a new feature, “Block Public Access”, in November 2018, which reduced the overall exposure of S3 buckets to a nearly unrecognizable amount. Down from the 16 million files detected in S3 buckets in October 2018, fewer than 2,000 files were exposed.
- There are already two success stories in the European Union's recently enacted General Data Protection Regulation (GDPR). Luxembourg and the Netherlands were the only two countries that reduced their overall exposure and had national laws in place to implement GDPR. France, which had the highest amount of exposure among EU member countries, had yet to fully align with the GDPR at a national level.