IBM: Remote Exploitation Is the Most Common Type of Cloud Infection

IBM: Remote Exploitation Is the Most Common Type of Cloud Infection

According to research recently released by IBM Security, the most common type of cloud security infection is remote exploitation. This result comes from the Cloud Threat Landscape Report 2020 released by IBM, which is based on research conducted by IBM Security X-Force® Incident Response and Intelligence Services (IRIS). The report found that cloud threat actors are using multiple methods to attack vulnerable cloud deployments, widening the need for comprehensive cloud security.

Our MSP Buyer’s Guide contains profiles on the top cloud managed service providers for AWS, Azure, and Google Cloud, as well as questions you should ask vendors and yourself before buying. We also offer an MSP Vendor Map that outlines those vendors in a Venn diagram to make it easy for you to select potential providers.

IBM investigated how cloud threat actors choose to attack cloud deployments. The survey found that the most common method actors use to infect cloud deployments is by remote exploitation, accounting for 45 percent of cybersecurity incidents the company had investigated from January 2019 to May 2020. IBM noted that because of poor public cataloging of discovered remote security issues, it has been challenging to address remote vulnerabilities.

Another common cloud security infection type is misconfiguration exploitation, which has consistently been one of the greatest sources for cloud data theft. Based on information IBM has previously collected, threat actors used misconfigured cloud servers to steal over one billion data records from compromised cloud environments. Educating enterprises and employees on proper cloud security configurations will be key in preventing this statistic from becoming worse.

In the company’s official press release, IBM Security Services’ Cloud Security Competency Leader Abhijit Chakravorty stated: “The cloud holds enormous potential for business efficiency and innovation, but also can create a ‘wild west’ of broader and more distributed environments for organizations to manage and secure. When done right, cloud can make security scalable and more adaptable – but first, organizations need to let go of legacy assumptions and pivot to new security approaches designed specifically for this new frontier of technology, leveraging automation wherever possible. This starts with a clear picture of regulatory obligations and compliance mandate, as well as the unique technical and policy-driven security challenges and external threats targeting the cloud.”

Read the Cloud Threat Landscape Report 2020 here.

Daniel Hein