Enterprise cloud deployments being exploited by cybercriminals

20 Feb 2019

A new report from Check Point Software Technologies has revealed there is a lot of uncertainty surrounding cloud security breaches - which are on the rise.

According to the cybersecurity specialist’s third instalment of its 2019 Security Report, cybercriminals are increasingly targeting the weakest and least protected points in an organisation’s IT infrastructure - the public cloud and mobile deployments.

The report reveals the key cyber-attack trends used by criminals to target enterprise cloud and mobile estates during 2018. It also reveals enterprise IT and security teams’ key security concerns about these deployments.

It shows there is certainly cause for alarm, as almost one in five organisations around the world had a cloud security incident in the past year with the most common incident types being data leaks/breaches, account hijacks, and malware infections.

IT professionals surveyed for the report were then asked to list what they perceive to be the top four public cloud security threats. Misconfiguration of cloud platforms leading to data loss or breaches was the most prominent at 62 percent, followed by unauthorised access to cloud resources at 55 percent, insecure interfaces and APIs at 50 percent, and finally hijacking of accounts or data traffic at 47 percent.

However, by no means does this show that IT professionals are aware of the swelling issue. A staggering 30 percent still believe security is the responsibility of the cloud service provider. Check Point says this concerning finding negates recommendations that cloud security should follow the mutual responsibility model, in which security is shared by both the cloud provider and the customer.

According to Check Point, a single misconfigured cloud workload or storage instance is all it takes to open the gates to a potential attack with huge repercussions.

Hardware chip vulnerabilities that can be found in the systems that make up cloud infrastructure - like Meltdown, Spectre, and Foreshadow - are also exposing data to cybercriminals.

Another possible driver of this targeting of cloud infrastructure is that revenue from other sources like cryptojacking and ransomware continues to decline.

“The third instalment of our 2019 Security Report shows just how vulnerable organisations are to attacks targeting their cloud and mobile estates because there is a lack of awareness of the threats they face and how to mitigate them,” says Check Point Software Technologies Cloud Product Line head Zohar Alon.

“As nearly 20 percent of organisations have experienced a cloud incident in the past year, it’s clear that criminals are looking to exploit these security gaps.”

On the mobile deployment side, the majority (59 percent) of IT professionals are not using mobile threat defences capable of detecting leading threats including mobile malware, fake or malicious apps, man-in-the-middle attacks and system vulnerabilities.

This is perhaps because just 9 percent consider threats on mobile devices a significant security risk, despite Check Point asserting malware can propagate from unprotected mobile devices to organisations’ cloud- or on-premise networks, exploiting this weak link in enterprise security defences.
