Hackers are quickly finding flaws in organizations’ cloud infrastructure despite perceptions that the technology is ironclad against cyberattacks. Organizations have invested billions of dollars in recent years to move their digital data from traditional, on-premises enterprise storage solutions to the cloud. That investment is expected to keep growing and reach close to $600 billion this year. The high price of relocating data was largely paid for one reason: It’s far more difficult for hackers to break into an organization’s cloud systems. But recent research and incidents underscore how quickly malicious hackers are adapting to the new reality. Attacks exploiting cloud systems nearly doubled in 2022, and the number of hacking groups that can target the cloud tripled last year, according to a CrowdStrike report released last week. A wide-reaching ransomware attack last month targeted a vulnerability in a popular VMware machine used in cloud systems, leaving thousands of systems vulnerable. Bloomberg reported last month that the recent exposure of roughly a terabyte of Pentagon emails was likely due to a cloud configuration error. “As more organizations are moving into the cloud, it becomes a much more attractive target for these threat actors, and they’re spending more time and resources trying to get into that environment,” Adam Meyers, senior vice president of intelligence at CrowdStrike, told Axios. About eight in 10 organizations said they had a cloud security incident in the last year, according to a September report from Venafi. 45% of the organizations that faced a cloud security incident experienced at least four attacks during that period, the research found. The cloud is still far more secure than traditional systems, Meyers said, but a big driver in attacks are the security flaws accidentally injected whenever organizations customize cloud tools for their specific systems. Subsequently, most organizations also fail to update their legacy cybersecurity tools to spot those cloud configuration errors, Meyers added. Many hackers are quickly building skills to target cloud storage because of how rewarding it can be. During traditional attacks targeting onsite servers, malicious hackers typically need their own port-scanning tools to detect what systems are in an enterprise and where the weak, exploitable spots are. But during cloud attacks, those port scanners aren’t needed, Meyers said. Malicious hackers who can navigate a cloud environment can use native tools inside the environment to search and determine what data is available more stealthily. “You’ve created a Mentos of security: crunchy on the outside, soft and chewy on the inside,” Meyers said. Attacks targeting the cloud still start in many of the same ways as on-premise attacks: using stolen employee login credentials.
As IT spending on the cloud continues to grow, organizations need to make sure they’re also reviewing their security sets to ensure they can handle new, cloud-related obstacles.