Shining a Light on Cloud SecurityBy Samuel Greengard | Posted 11-28-2017
Let's face it: Cybersecurity has emerged as the new nightmare. Keeping systems safe and secure keeps business and IT executives up at night -- literally. The breadth and depth of threats, along with the growing sophistication of hackers and attackers, translates into constant risk.
Although many factors contribute to the current state of cybersecurity, clouds are increasingly at the center of the storm. Understanding real-world threats is critical.
A recent study conducted by security firm Alert Logic provides perspective about how clouds are evolving and what risks they represent. It analyzed company data from more than 3,800 on-premises and hybrid cloud customers over an 18-month span, which comprised over 2.2 million security incidents. The 2017 Cloud Security Report offers some interesting insights and trends:
- Web application attacks accounted for 73 percent of all the incidents flagged during the evaluation period. Web application attacks affected 85 percent of firms, with injection-style attacks such as SQL injection leading the pack.
- On average, customers running applications on public cloud platforms experienced 405 security incidents over the 18-month period. Meanwhile, on-premises companies experienced a 51 percent higher rate of security incident escalations (612), hosted private cloud users witnessed a 69 percent higher rate of events (684), and hybrid users clocked in at 141 percent higher (977).
- Bad actors are attracted to content management systems and e-commerce platforms. Vulnerabilities in third-party web application components, insecure coding practices and increases in exploit automation make these systems rich hunting grounds for hackers targeting web applications. Attacks targeting Joomla accounted for 25 percent of total web application attacks observed followed by WordPress with 10 percent and Magento with 7 percent.
- Server-side ransomware represented only 2 percent of total incidents. While ransomware gets a great deal of attention in the cyber security industry and in media headlines, it accounted for only a small number of observed security incidents in the data set.
- 52 percent of brute-force attacks targeted the Windows platform. Overall, brute-force attacks comprised about 12 percent of total incidents.
Perhaps the most important finding is that the public cloud is relatively secure. Organizations with on-premises workloads experience a 51 percent higher rate of security incidents than applications running on public cloud platforms.
The report recommends that organizations focus on application whitelisting, consistent patching access privileges and controls. Says Misha Govshteyn, senior vice president of technical and product marketing at Alert Logic: "Cyber attackers continue to seek the weakest spots in network defenses and businesses need to understand how they are refocusing to take advantage of the changing attack landscape."