Cyber-criminals and hackers are increasingly attacking cloud infrastructure, which they see as a “fruit-bearing jackpot” as more organisations are making use of public cloud to store their data than ever before, a security company claims.
While organisations are embracing the cloud – as confirmed by Computing research – a report by security-as-a-service provider Alert Logic suggests that IT decision-makers shouldn’t assume that data they store off-premise is harder for hackers to acquire.
The company warns that there has been a 45 per cent increase in application attacks against cloud deployments.
Alert Logic bases its research on an analysis of one billion events in the IT environments of more than 3,000 of its customers between January 1 and December 31 2014, which revealed more than 800,000 security incidents.
One of the key findings was an increase in attack frequency on organisations that store their infrastructure in the cloud.
“This is not surprising,” says the Alert Logic Cloud Security report. “Production workloads, applications, and valuable data are shifting to cloud environments, and so are attacks.
“Hackers, like everyone else, have a limited amount of time to complete their job,” the report continues, adding: “They want to invest their time and resources into attacks that will bear the most fruit: businesses using cloud environments are largely considered that fruit-bearing jackpot.”
The pattern of attacks directly follows the increase in the number of organisations using cloud hosting from providers such as Amazon, Google and Microsoft.
“Attackers are seeing this trend as well and are making concerted efforts to infiltrate businesses making use of cloud environments, just as they previously did with physical data centres.”
The report claims that some businesses have a misconception about what security precautions they need to take when using cloud-based storage, services, and other software deployments.
Alert Logic suggests that many “mistakenly assume cloud providers take care of all their security needs” when in reality “security in the cloud is a shared responsibility”.
Cyber-criminals are now more sophisticated, with attackers using “advanced techniques” in order to infiltrate the networks of their target organisation.
“Unlike in the past when hackers primarily worked alone using ‘smash-n-grab’ techniques, today’s attackers work in groups, each member bringing his or her own expertise to the team,” says the report, which argues that these techniques also allow cyber-criminals to avoid capture.
“With highly skilled players in place, these groups approach infiltration in a much more regimented way, following a defined process that enables them to evade detection and achieve their ultimate goal: turning sensitive, valuable data into profits.”
However, while there has been a rise in cyber-attacks that target the cloud, Will Semple, vice president of security services for Alert Logic, warns organisations that on-premise networks are still a significant target for cyber-criminals.
“While cyber-criminals are increasingly targeting cloud deployments, on-premises deployments are still being targeted at the same frequency as they always were,” he says.
“The key to protecting your critical data is being knowledgeable about how and where along the ‘cyber kill chain’ attackers infiltrate systems and to employ the right security tools, practices and resource investment to combat them,” Semple adds.
Earlier this year, a new security vulnerability called Venom allowed hackers to take over whole swathes of cloud-based data centres, possibly including those of Amazon, Rackspace and Oracle.
Computing’s Enterprise Security and Risk Management Summit takes place next month and is free to attend for qualified end users. Register here.