International. A recent study on the cloud found that more than 80% of organizations have experienced security incidents in their cloud environments in the last year, and that 41% of engineers believe security in this environment will become even more challenging as the next generation of cloud-native applications is deployed, WatchGuard Technologies reported.
What are the main initial vectors for cloud environments?
- Account compromise: A Google Cloud analysis indicated that the main entry vector for cloud environments is brute force attacks, responsible for 51% of cyberattacks in the first quarter of this year.
Another common form of account compromise is the use of credentials purchased on the dark web or exposed in public repositories. This happens mostly because companies do not implement a multi-factor authentication (MFA) solution to secure their accounts.
- Exploitation of cloud applications: In IaaS environments where cloud customers manage their own web applications and systems, classic web application vulnerabilities are still common and exploitation is an effective way to access environments.
Exploitation of vulnerable software is the second most common threat vector, accounting for 37% of cloud threat activity.
- Misconfiguration abuse: Misconfiguration within cloud architectures is a key factor in organizations becoming victims. Management consoles without password protection or with a default password are responsible for 30% of attacks of this type.
In addition, exposed server workloads account for 27% of threats. They are followed by overly permissive service or user accounts (25%), publicly exposed web servers without a WAF (Web Application Firewall) and/or a load balancer (23%), VMs or containers running as root (22%), management interfaces without multi-factor authentication (22%), traffic to disallowed IPs (22%), disabled logging (19%) and open management ports (19%).
- Phishing: Phishing also poses a threat to cloud environments. Administrators are often tricked by email into visiting pages that imitate those of cloud providers, and their credentials are stolen when they log in to their account through the fraudulent portal.
WatchGuard Technologies specialists recommend 4 steps to a secure cloud:
- Adopt cyber hygiene practices such as the use of multi-factor authentication to protect access to accounts,
- Be aware of possible cases of phishing,
- Update and patch software,
- Ensure that the elements that make up the cloud architecture are configured correctly.