Cloud security trends: What makes cloud infrastructure vulnerable to threats?

In this Help Net Security video, Chris Caridi, Strategic Cyber Threat Analyst at IBM X-Force, talks about the findings of the latest IBM Security X-Force Cloud Security Threat Landscape Report.

The X-Force report pulls data from IBM’s threat visibility, including X-Force Threat Intelligence data, hundreds of penetration tests, incident response engagements, and data provided by report contributor Intezer between July 2021 and June 2022.

Key highlights include:

Cloud vulnerabilities are on the rise – Amid a sixfold increase in new cloud vulnerabilities over the past six years, 26% of cloud compromises that X-Force responded to were caused by attackers exploiting unpatched vulnerabilities, becoming the most common entry point observed.

More access, more problems – In 99% of pentesting engagements, X-Force Red was able to compromise client cloud environments through users’ excess privileges and permissions. This type of access could allow attackers to pivot and move laterally across a victim environment, increasing the level of impact in the event of an attack.

Cloud account sales gain grounds in dark web marketplaces – X-Force observed a 200% increase in cloud accounts now being advertised on the dark web, with remote desktop protocol and compromised credentials being the most popular cloud account sales making rounds on illicit marketplaces.

OPIS

Subscribe to the Help Net Security breaking news e-mail alerts:

OPIS

Don't miss