Share this article on:
A new report has suggested that while the cloud may well be the way to do modern business, its intangible nature makes it hard to track vulnerabilities.
According to Palo Alto’s Unit 42, the nature of the cloud makes it a remarkably volatile environment.
“In our survey of over 250 organisations, we found that 80 per cent of security exposures are found in cloud environments, and 20 per cent of cloud services change every month,” Unit 42 said in its latest Attack Surface Threat Report.
“Trying to get a handle on this sort of volatility is not easy, but it is vitally important.”
Interestingly, while change is relatively constant in cloud deployments, there’s a wide difference in the rate of change between different industries. On average, 27 per cent of transportation and logistics companies make changes to their cloud environment every month – the highest rate of change across the board by a significant margin.
At the other end of the scale, only 15 per cent of the education sector makes changes to its cloud services in the same time frame. Every other industry site’s somewhere in between.
But when Unit 42’s researchers looked at cloud-hosted exposures in the same time period, the greatest increase in attack surface matched those industries that had the highest rate of change.
Not only did the transportation and logistics sector have the most exposures, but the education sector was again at the bottom, with the least – 85 per cent in a single month compared to just 9 per cent. In fact, the full list of 12 sectors was effectively mirrored.
“Over 45 per cent of most organisations’ high-risk, cloud-hosted exposures in a given month were observed on new services that hadn’t been present on their organisation’s attack surface in the month prior,” Unit 42 said. “Thus, the creation of new, publicly accessible cloud services (both intended and unauthorised) is a risk factor related to nearly half of all high-criticality exposures at a given time.”
Palo Alto’s report finds that 80 per cent of all security exposures are related to the cloud, with the most common causes being misconfigurations, shared responsibilities, shadow IT, the inherent connection of cloud environments, and lack of visibility into those assets.
Dialling in deeper, web framework takeovers make up the highest proportion of exposures, with remote access services and security infrastructure coming in second and third, respectively.
“Most organisations are unprepared for an attack through an unknown or unmanaged exposure,” Unit 42 concluded.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.