Report: Skyhackers are just 3 steps away from ‘crown jewel’ data

Were you unable to attend Transform 2022? Check out all the summits in our on-demand library now! Look here.


The massive acceleration in cloud deployment driven by the pandemic has continued unabated. Gartner predicts that worldwide spending on public cloud services will grow by 20.4% to a total of $497.4 billion in 2022, and expects it to reach nearly $600 billion in 2023. This massive adoption brings new security challenges.

To examine these challenges, the Orca Security Research Pod analyzed cloud workload and configuration data obtained from billions of cloud assets on AWS, Azure, and Google Cloud from January 1–1. July 2022. The findings show that in the rush to move resources to the cloud, organizations are struggling to keep up with ever-expanding cloud attack surfaces and increasing multicloud complexity. The current shortage of qualified personnel in cyber security further exacerbates the situation.

Threat actors have a clear advantage as the research found that once they gain access to an organization’s cloud environment, they only need to find three connected and exploitable vulnerabilities in a cloud environment to get to a “crown jewel” asset, such as personally identifiable information (PII ) or credentials that allow root access.

The top first entry point that hackers exploit to get this close to crown jewel data is Known Vulnerabilities (CVEs) that are not patched immediately (78% of attack paths). This emphasizes the need for organizations to prioritize vulnerability updates. But since it’s simply not possible for teams to fix all vulnerabilities, it’s important to remediate strategically by understanding which vulnerabilities pose the greatest danger to your company’s crown jewels so they can be fixed first.

Event

MetaBeat 2022

MetaBeat will bring together thought leaders to provide guidance on how metaverse technology will transform the way all industries communicate and do business on October 4th in San Francisco, CA.

Register here

Image source: Orca Security.

The research further shows that organizations provide many opportunities for threat actors to advance down the attack path, as 75% have at least one asset that enables lateral movement to another asset. And cyber attackers have more than enough time to complete the three jumps, as it takes organizations an average of 18 days to mitigate an impending compromise alert.

Fernando Montenegro, senior principal analyst at Omdia, commented on the research: “Orca Security’s report on the state of public cloud security is interesting as it highlights the breadth of issues affecting organizations now working with cloud environments. Of particular note, it rightly mentions issues such as identifying sensitive resources, paying close attention to identity and access considerations, and assessing the various attack paths an adversary might be able to use.”

The Orca Research Pod compiled this report by analyzing data captured between January 1 and July 1, 2022, from billions of cloud assets on AWS, Azure and Google Cloud scanned by the Orca Cloud Security Platform.

Read the full report from Orca Security.

VentureBeat’s mission will be a digital town square for technical decision makers to gain knowledge about transformative business technology and transactions. Discover our orientations.

Leave a Reply

Your email address will not be published.