SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers

Google report reveals rising cloud data security threats

Today

Google Cloud Security has published its H1 2025 Threat Horizons Report, identifying escalating threats in cloud environments posed by threat actors focusing on data exfiltration, identity exploitation, and evolving evasion tactics.

The report highlights that while ransomware and data threats persist, new trends have emerged since 2024, with threat actors refining their methodologies and obscuring their identities to make detection and attribution more challenging. This has subsequently increased the likelihood of organisations making ransom payments.

"Ransomware and data threats in the cloud are not new. In Feb. 2024, Google Cloud security and intelligence experts exposed trends in the Threat Horizons Report, including threat actors prioritizing data exfiltration over encryption and exploiting server-side vulnerabilities," the report states, reflecting on past observations.

The report goes on to detail several identified risks. It highlights risks to service accounts, with over-privileged service accounts and lateral movement tactics gaining prominence as threats alongside common credential and misconfiguration issues.

Google Cloud's researchers have also identified that the exploitation of user identities in hybrid environments is resulting in persistent access and lateral movement between on-premises and cloud environments. These activities can lead to multifaceted extortion.

The report notes that cloud databases are increasingly targeted by threat actors exploiting vulnerabilities and weak credentials to access sensitive data.

Increased adaptability among threat actors is also evident, with Ransomware-as-a-Service (RaaS) offerings being used to evade detection and make attribution difficult. Additionally, the diversification of attack methods is underscored by the activities of a group tracked as TRIPLESTRENGTH, which employs privilege escalation and even charges against victim billing accounts to maximise profit from compromised entities.

Furthermore, it notes that threat actors are employing sophisticated tactics, including multi-factor authentication bypass in cloud services and aggressive victim communication strategies, to steal data and extort finances in the cloud.

To address these evolving threats, the report recommends a robust cloud security strategy in 2025 that prioritises defending against data exfiltration and protecting identities. The report aims to furnish cloud security decision-makers with the latest intelligence on threat actor tactics, ensuring they are better informed to develop strategies that secure cloud data.
