Ransomware and other malware figured in half of attacks over past year, says cybersecurity vendor’s latest report
Almost three-quarters of organizations were hit by a cloud security incident over the past year and those with multicloud environments are more than 50% more likely to suffer such an attack than those running a single cloud, according to a report released this week by cybersecurity vendor Sophos.
The Lowdown: The findings in the company’s The State of Cloud Security 2020 report come as organizations are accelerating their migration to the cloud in the wake of the COVID-19 pandemic that has forced companies to adapt to rapidly changing business operations.
The Details: Topping the list of the cloud security threats from the last year were ransomware and other malware, which accounted for half of the incidents. Other threats were exposed data (29%), compromised accounts (25%), and cryptojacking (17%), according to the report.
Accidental exposure was the key culprit, with exploited misconfiguration figuring in 66% of reported attacks. In addition, 33% of organizations said that bad actors gained access via stolen cloud provider account credentials. That said, only a quarter said managing access to cloud accounts was a top concern, even though data from Sophos’ Cloud Optix cloud security posture management tool shows that 91% of accounts have overprivileged identity and access management (IAM) roles and 98% have multi-factor authentication disabled on their cloud provider accounts.
Still, 96% said they’re concerned about their level of cloud security, with 44% saying data leaks are at the top of their list. Other concerns include identifying and responding to security incidents (41%). Only a quarter of respondents said the lack of staff expertise was a top concern.
Europeans suffered the lowest number of incidents, which Sophos researchers said is an indication that the European Union’s General Data Protection Regulation (GDPR) is working.
The Impact: Security in the cloud and elsewhere continues to be an opportunity for MSPs and other channel partners. With the number and complexity of threats growing and the business world becoming more distributed, organizations continue to turn to the channel for help. A report from MarketsandMarkets is forecasting the global managed security services space to grow from $31.6 billion this year to $46.6 billion by 2025.
The Buzz: “Ransomware, not surprisingly, is one of the most widely reported cybercrimes in the public cloud. The most successful ransomware attacks include data in the public cloud, according to the State of Ransomware 2020 report, and attackers are shifting their methods to target cloud environments that cripple necessary infrastructure and increase the likelihood of payment,” said Chester Wisniewski, principal research scientist at Sophos. “The recent increase in remote working provides extra motivation to disable cloud infrastructure that is being relied on more than ever, so it’s worrisome that many organizations still don’t understand their responsibility in securing cloud data and workloads. Cloud security is a shared responsibility, and organizations need to carefully manage and monitor cloud environments in order to stay one step ahead of determined attackers.”