Are multicloud environments plagued with a multitude of entry points?

Seven in 10 organizations suffered a public cloud security breach in the last year – and more complex environments bring more risks.
15 July 2020


  • Spend on cloud IT infrastructure is set to hit US$100 billion by 2024
  • Sophos’ survey revealed about half of the organizations experienced malware attacks in their cloud platforms 
  • Organizations running multicloud environments are more likely to suffer from breaches 

Cloud computing’s inherent flexibility and scalability have led nine in 10 enterprises to lay out plans to migrate workloads off-premise by 2022.

The coronavirus outbreak has expedited this movement as businesses were driven to adopt cloud-inspired solutions (such as public, private, or multicloud) to help mitigate the pandemic-induced disruption. Cloud has become an asset to boost work efficiency and, for some, a lifeline for business continuity – investments in cloud IT infrastructure are set to climb to US$100 billion by 2024.

However, the shift to or continued adoption of cloud computing comes with cybersecurity issues. A global survey by Sophos, a UK-based cybersecurity firm, revealed that seven in 10 organizations suffered a public cloud security breach in the last year.

The survey listed malware as a top cyberattack, which half of the respondents fell victim to, followed by exposed data (29%), compromised accounts (25%), and cryptojacking (17%).

The State of Cloud Security 2020 survey was carried out across major regions such as the Americas, Europe, Asia Pacific, the Middle East, and Africa and interviewed over 3,500 IT managers.

Interestingly, the survey has underlined the added challenges for organizations running multicloud environments, with 73% of multicloud users reporting up to twice as many security incidents as those running a single cloud. Inevitably, cybersecurity risks increase as the number of cloud environments expands.

Multicloud management has also been named as one of the biggest concerns among cloud users, alongside data loss and the detection and response procedures for security incidents. For multicloud users, the expanded cloud environment means a wider attack surface and more access points, which (if not guarded appropriately) can be abused by bad actors.

The survey reported that two-thirds of enterprises leave back doors open to cybercriminals. Cybercriminals have been able to capitalize on the accidental exposure of enterprises through misconfigurations. More than half (66%) of the stated attacks were carried out through security flaws in the web application firewall or a misconfigured cloud resource. On the other hand, 33% made use of stolen cloud account credentials to infiltrate the platforms.

With the evolution of cloud solutions, organizations are introducing new cloud services to strengthen cloud capabilities such as data storage, processing, and management. The extended capabilities and larger cloud environment also mean higher chances of misconfiguration, leading to a larger attack surface for cybercriminals to target.

Other reports have similarly found misconfigurations to be the root of cloud-based crimes. Trend Micro’s cloud security report highlighted that, on average, about 230 million cloud misconfigurations are identified on a daily basis.

Mismanaged cloud environments offer valuable entry points for bad actors and are at greater risk than ever when cloud management is poor. Chester Wisniewski, a principal research scientist at Sophos, touched on the importance of shared responsibility, particularly at the time of the coronavirus outbreak.

“The recent increase in remote working provides extra motivation to disable cloud infrastructure that is being relied on more than ever, so it’s worrisome that many organizations still don’t understand their responsibility in securing cloud data and workloads. Cloud security is a shared responsibility, and organizations need to carefully manage and monitor cloud environments in order to stay one step ahead of determined attackers,” Wisniewski said.

IT leaders and teams can enforce fundamental cyber-hygiene practices across teams to reduce the number of potential entry points and safeguard login credentials. Organizations can benefit from leveraging cloud-native tools to combat ongoing threats in the cloud environment as well. Adopting the concept of “fight fire with fire,” cloud-based cybersecurity tools may provide an edge in securing the cloud environment.