Cloud cyberattacks involve compromised privileged credentials

Prevalence of breach attempts can be attributed to reliance on cloud as work-from-home era continues.

  • 3 years ago Posted in

An overwhelming percentage (90%) of cyberattacks on cloud environments in the last 12 months involved compromised privileged credentials, according to new research from Centrify, a leading provider of modern privileged access management (PAM) solutions. The new study, which surveyed 150 IT decision makers across the U.S., found that 65% of respondents saw attempted attacks on their cloud environments, and 80% of those participants’ cloud environments were successfully compromised. 



To identify how reliance on the cloud and resulting risks around this attack surface have progressed a year into the work-from-home era, Centrify partnered with CensusWide to survey these experts. It quickly became evident that the reliability, availability, and scalability afforded by the cloud have become critical to keep organisations up and running, and cybercriminals are taking notice.



While the majority (63%) of respondents had the foresight to make the move to cloud 3-5 years ago, one-quarter (25%) of respondents just began their cloud transition in the last two years. Nearly a third (31%) utilize hybrid and multi-cloud environments, while 45% take a private cloud-only approach, and 23% rely on public cloud. Availability was resoundingly the top cloud benefit amongst respondents (46%), followed by collaboration (28%), cost savings (15%), and scalability (9%). 



Despite the prevalence of cyberattacks targeting the cloud, managing multi-cloud environments was identified as the greatest cloud transition challenge (36%), followed by cybersecurity risks and cloud migration (both 22%). In addition, 19% cited maintaining compliance in the cloud as an ongoing issue.



“Cybercriminals are capitalising on our reliance on the cloud, and they’re no longer just hacking in. They’re logging in,” said Art Gilliland, CEO, Centrify. “With almost all of the attacks on the cloud caused by stolen privileged credentials, the security stack must include a centralised PAM solution architected in the cloud, for the cloud. This approach will minimise the attack surface and control privileged access to hybrid environments, even as it evolves post-COVID-19.”

 

Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
73% of organizations lack automated patch management, and 62% experienced incidents involving...
Quest Software has signed a definitive agreement with Clearlake Capital Group, L.P. (together with...
Dell EMC PowerProtect Cyber Recovery for AWS provides a fast, easy-to-deploy public cloud vault to...
Aqua’s cloud native application protection platform becomes the only solution that protects cloud...
54% of organisations working on a security transformation project now or in the next 12 months.
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Zscaler Zero Trust exchange cloud-based architecture enables superior green security capabilities...