security

Insider cloud security threat surges: Misuse of legitimate credentials, IBM says – WRAL TechWire


RESEARCH TRIANGLE PARK – In a different take on “insider threat,” IBM says soaring misuse of legitimate credentials is a growing danger to cloud computing.

Blame the problem on legitimate credentials being offered for sale on the “dark web.”

“Cloud is still a hot commodity on the dark web,” the report says. “Credentials comprised nearly 90% of cloud assets for sale on the dark web during the reporting period.”

Theyr’e not expensive, either.

“The average price for these credentials was USD 10.68, representing a slight decrease from the previous reporting period,” IBM says.

Report highlights

In the report, IBM reports a 194% increase in new could-related “common vulnerabilities
and exposures,” or CVEs, from a year ago.

IBM, along with Raleigh-based Red Hat which IBM owns, have made cloud computing a key pillar in its future growth plans.

Here are highlights from the report:

  • Misuse of legitimate credentials plagues the cloud landscape

– [Incident response] data indicates that the use of valid credentials was the most common initial
access vector in cloud security incidents, occurring in 36% of cases.

– The [IBM] X-Force team discovered plaintext credentials located on user endpoints in 33% of engagements involving cloud environments.

  • Container security concerns are on the rise

– The X-Force Red team reported a large uptick in custom resource definition use in organizations’ Kubernetes clusters, which can become security concerns if implemented poorly or without the appropriate level of security-inclusive development processes.

– Vulnerabilities are increasingly being discovered and disclosed

– The X-Force team tracked 632 new cloud-related common vulnerabilities and exposures (CVEs) during the reporting period. This number is a 194% increase from the prior year. The impact felt by the exploitation of these CVEs is varied

Readers Also Like:  Ransomware attacks on public sector persist in January - TechTarget

– Just over 40% of the CVEs discovered during the reporting period could allow an attacker to either obtain information (21%) or gain access (20%).

 



READ SOURCE

This website uses cookies. By continuing to use this site, you accept our use of cookies.