Cloud Vulnerabilities Surge 200% Due To Poor Security: IBM

The IBM X-Force Cloud Threat Landscape Report 2023 tracked 632 new cloud-related vulnerabilities between June 2022 and June 2023, a 194% increase over the previous year. That brings the total number tracked by the vendor to 3900, a number that has doubled since 2019.

The top initial access point for cloud compromises, seen in 36% of the real-world cloud incidents, was the use of valid credentials, either obtained during an attack or stolen prior to targeting a specific victim. That is a significant jump from the 9% observed the previous year.

“[It] highlights the need for organizations to move beyond human-reliant authentications and prioritize technological guardrails capable of securing user identity and access management,” IBM analyst Chris Caridi said. 

The X-Force team found examples of poor security practices such as plaintext credentials located on user endpoints in 33% of incidents involving cloud environments. 

The next two most common access strategies, each accounting for 14% of engagements, were exploitation of public-facing applications and phishing and spear phishing.

Dave Ratner, CEO of HYAS, had this to say:

   “Chris Caridi is correct that organizations need to do a better job of securing and authenticating user identity.  At the same time, bad actors will always break in, so the report also highlights the need for improved visibility and observability of anomalous communication patterns via Protective DNS — the telltale sign of an initial breach beaconing out to its command-and-control for instructions.  Only through a defense-in-depth strategy will organizations truly be able to implement business and operational resiliency.”

With the cloud being as pervasive as it is within most organizations, there really needs to be a focus on cloud security to ensure that this isn’t a threat to an organization’s security.
