Fortra, has uncovered a significant surge in cybercriminal abuse of Cloudflare Pages (198% increase) and Workers (104%) over the past year. The data also reveals that monthly incidents on Cloudflare Pages alone could surpass 1,600 by year’s end—a 257% year-over-year increase.
What’s surprising?
While it’s primarily used legitimately, Cloudflare Pages can be exploited for malicious purposes due to its reputation, free hosting, ease of use, and global Content Delivery Network (CDN). Threat actors can create convincing malicious sites, using custom domains and secure HTTPS connections to deceive victims. Similarly, while designed to help developers to deploy and run JavaScript code directly at the edge of Cloudflare’s CDN, Cloudflare Workers can be exploited to bypass security controls or automate various attacks like brute-force login attempts. In short, they’re using Cloudflare’s strengths to lure victims into a false sense of security.
Cybersecurity teams may need to change their approach
While Cloudflare does implement threat detection and phishing prevention mechanisms, Fortra’s report suggests a growing trend of abuse on reputable platforms, highlighting the need for more vigilant monitoring, even in environments perceived as secure. Security teams should be aware of these increased attacks and proactively monitor for suspicious activity, as the platform can often be misused before detection of these attacks occur.
Tips for cybersecurity teams:
Cloudflare has several security measures in place to combat abuse, including threat detection systems, phishing detection, and user reporting mechanisms to take down malicious content. Despite these efforts, cybercriminals can still exploit the platform before malicious content is detected. The risk is in how cybercriminals are misusing the service, and not in the technology itself.
Users can protect themselves from phishing by following several best practices. First, they should be cautious when interacting with unfamiliar websites, especially those requesting personal or sensitive information. Verifying the legitimacy of URLs and ensuring that the domain matches the expected source can help identify phishing attempts. Additionally, enabling two-factor authentication (2FA) for accounts adds an extra layer of security.Developers using Cloudflare Pages should implement strong security measures such as regularly updating their site’s dependencies, using HTTPS for secure connections, and monitoring for suspicious activity. It’s also important to report any phishing attempts or malicious activity to Cloudflare for further investigation and takedown, helping to prevent wider abuse.
Like this:
Like Loading...
Related
This entry was posted on November 6, 2024 at 8:19 am and is filed under Commentary with tags Fortra. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Fortra Discovers A Nearly 200% Spike in Abuse of Cloudflare’s Trusted Platforms
Fortra, has uncovered a significant surge in cybercriminal abuse of Cloudflare Pages (198% increase) and Workers (104%) over the past year. The data also reveals that monthly incidents on Cloudflare Pages alone could surpass 1,600 by year’s end—a 257% year-over-year increase.
What’s surprising?
While it’s primarily used legitimately, Cloudflare Pages can be exploited for malicious purposes due to its reputation, free hosting, ease of use, and global Content Delivery Network (CDN). Threat actors can create convincing malicious sites, using custom domains and secure HTTPS connections to deceive victims. Similarly, while designed to help developers to deploy and run JavaScript code directly at the edge of Cloudflare’s CDN, Cloudflare Workers can be exploited to bypass security controls or automate various attacks like brute-force login attempts. In short, they’re using Cloudflare’s strengths to lure victims into a false sense of security.
Cybersecurity teams may need to change their approach
While Cloudflare does implement threat detection and phishing prevention mechanisms, Fortra’s report suggests a growing trend of abuse on reputable platforms, highlighting the need for more vigilant monitoring, even in environments perceived as secure. Security teams should be aware of these increased attacks and proactively monitor for suspicious activity, as the platform can often be misused before detection of these attacks occur.
Tips for cybersecurity teams:
Cloudflare has several security measures in place to combat abuse, including threat detection systems, phishing detection, and user reporting mechanisms to take down malicious content. Despite these efforts, cybercriminals can still exploit the platform before malicious content is detected. The risk is in how cybercriminals are misusing the service, and not in the technology itself.
Users can protect themselves from phishing by following several best practices. First, they should be cautious when interacting with unfamiliar websites, especially those requesting personal or sensitive information. Verifying the legitimacy of URLs and ensuring that the domain matches the expected source can help identify phishing attempts. Additionally, enabling two-factor authentication (2FA) for accounts adds an extra layer of security.Developers using Cloudflare Pages should implement strong security measures such as regularly updating their site’s dependencies, using HTTPS for secure connections, and monitoring for suspicious activity. It’s also important to report any phishing attempts or malicious activity to Cloudflare for further investigation and takedown, helping to prevent wider abuse.
Share this:
Like this:
Related
This entry was posted on November 6, 2024 at 8:19 am and is filed under Commentary with tags Fortra. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.