Cybercriminals Target Cloud Apps as Cloud Migrations Accelerate

By

New research from IBM shows that while cloud adoption has accelerated during the COVID-19 pandemic, it has also created unforeseen security risks and complexities. IBM Security used survey data and case study analysis to examine the impact of cloud applications, services and migration strategies.

The research found that businesses that rapidly migrated to the cloud had to deal with basic security oversight issues like governance, vulnerabilities and misconfigurations of cloud applications. IBM also found that during the past year, cybercriminals have been increasingly targeting cloud environments using customized malware, ransomware and other nefarious methods.

“When done right, the cloud can make security scalable and more adaptable -- but first, organizations need to let go of legacy assumptions and pivot to new security approaches designed specifically for this new frontier of technology, leveraging automation wherever possible,” said Abhijit Chakravorty, cloud security competency leader, IBM Security Services. “This starts with a clear picture of regulatory obligations and compliance mandate, as well as the unique technical and policy-driven security challenges and external threats targeting the cloud.”

IBM Institute for Business Value (IBV) and IBM X-Force Incident Response and Intelligence Services (IRIS) conducted research to examine the top threats and security challenges for cloud environments. The teams found that out of 930 senior business and IT professionals surveyed, 66 percent said they rely on cloud providers for baseline security. The perception of security ownership varied across specific cloud platforms and applications, however.

The IRIS team's examination of cloud-related case studies discovered 45 percent of hacking incidents took place over the cloud. Many web and mobile communication apps used over the cloud are not secure, making them vulnerable to cybercriminals. These criminals are now targeting cloud apps for both cryptomining and ransomware, and are using cloud resources to amplify the attacks.

IBM researched client incident response cases between June 2018 and March 2020 and found that cloud applications were the most common entry point for cyber attacks. The most common tactics included brute-forcing, exploiting vulnerabilities and misconfigurations.

Disturbingly, vulnerabilities were often undetected because of shadow IT, the process where an employee goes outside of approved channels, exposing cloud app vulnerabilities.

The research also found that ransomware was deployed three times more than other types of malware within cloud environments, followed by cryptominers and botnet malware. Data theft was the next most common threat activity in breached cloud environments, including personally-identifying information and client-related emails.

Cloud resources were also used to amplify the effects of crytomining and distributed denial of service (DDoS) attacks. The cloud was used to host malicious infrastructure and operations while also adding scale and a layer of undetected obfuscation.

“Based on the trends in our incident response cases, it’s likely that malware cases targeting cloud will continue to expand and evolve as cloud adoption increases,” said Charles DeBeck, IBM X-Force IRIS. “Our team has observed that malware developers have already begun making malware that disables common cloud security products, and designing malware that takes advantage of the scale and agility offered by the cloud.”




Edited by Maurice Nagle
Get stories like this delivered straight to your inbox. [Free eNews Subscription]

TechZone360 Contributing Editor

SHARE THIS ARTICLE
Related Articles

Spotify's AI DJ is Gaining Traction, Expanding into New Markets

By: Alex Passett    6/1/2023

Music streaming giant Spotify previously launched its AI DJ feature in the U.S. and Canada, and now the U.K. and Ireland, as well. This AI-powered DJ …

Read More

Scepter, ExxonMobil and AWS to Develop Innovative Platform for Methane Monitoring

By: Greg Tavarez    6/1/2023

Scepter and ExxonMobil joined forces with AWS to develop an innovative data analytics platform aimed at characterizing and quantifying methane emissio…

Read More

Prepare for Impact: AI Will Revolutionize Every Organization, Application, and Service

By: Reece Loftus    5/30/2023

The opportunity cost in not embracing AI is very real because of the ways AI improves productivity and quality and reduces cost at an unprecedented ra…

Read More

NextPlane's Affordable Microsoft Teams PSTN Calling Solution for UCaaS and Service Providers

By: TMCnet Staff    5/23/2023

NextPlane's Affordable Microsoft Teams PSTN Calling Solution for UCaaS and Service Providers

Read More

5 Gmail Security Tips Every Business Should Know

By: Contributing Writer    5/17/2023

Gmail security refers to the various features and best practices implemented by Google to protect Gmail users' accounts and data from unauthorized acc…

Read More