Although Proofpoint observed large-scale cloud attacks targeting all industries, several trends emerged during the course of this study. Among the industries evaluated, the education and food and beverage sectors were notably vulnerable to successful unauthorized logins. Regulated industries such as healthcare and financial services protected themselves better in comparison, with significantly lower rates of successful attacks. The Fortune 500 companies in the study were heavily targeted and 60% of them experienced at least one compromised cloud account. Certain identified roles including sales representatives and managers were targeted across all industries, presumably because their emails tend to be publicly available and their positions give them access to finance managers, customers, and partners.
In addition to these industry trends, researchers observed the following:
Taken together, this data demonstrates that threat actors have about a 50% chance of successfully accessing an organization via cloud accounts; history demonstrates that a single compromised account can have a significant impact on an organization’s security.