Chess Cybersecurity partner Sophos, a global leader in network and endpoint security, have published an in-depth report, showing how relentlessly persistent cybercriminals can be when targeting an organisation’s cloud platforms.
Honeypots - systems intended to mimic likely targets of cyberattackers, were set up in 10 of the most popular Amazon Web Services (AWS) data centres in the world, over a 30-day period, in order for the security researchers to monitor cybercriminal behaviours.
On average, the cloud servers, in locations including California, Frankfurt, Ireland, London, Mumbai, Ohio, Paris, Singapore, and Sydney were hit by 13 attempted attacks per minute, per honeypot, with a total of more than 5 million attacks attempted on the global network of honeypots in the 30-day period. One, in Sao Paulo, Brazil, was hit within 52 seconds of the honeypot going live.
The research demonstrates how cybercriminals are automatically scanning for weak open cloud buckets. If attackers are successful at gaining entry, organisations could be vulnerable to data breaches. Cybercriminals also use breached cloud servers as pivot points to gain access onto other servers or networks.
Matthew Boddy, security specialist at Sophos stresses how that companies need a security strategy to protect what they are putting into the cloud.
“The issue of visibility and security in cloud platforms is a big business challenge, and with increased migration to the cloud, we see this continuing,” he explains.
Sophos is addressing security weaknesses in public clouds with the launch of Sophos Cloud Optix, which leverages artificial intelligence (AI) to highlight and mitigate threat exposure in cloud infrastructures. Sophos Cloud Optix is an agentless solution that provides intelligent cloud visibility, automatic compliance regulation detection and threat response across multiple cloud environments.
Instead of inundating security teams with a massive number of undifferentiated alerts, Sophos Cloud Optix significantly minimises alert fatigue by identifying what is truly meaningful and actionable,” said Ross McKerchar, CISO, Sophos. “In addition, with visibility into cloud assets and workloads, IT security can have a far more accurate picture of their security posture that allows them to prioritise and proactively remediate the issues flagged in Sophos Cloud Optix.”
Download "Exposed: Cyberattacks on Cloud Honeypots" for more information on the research finding, and join the Chess and Sophos Cloud Optix webinar to explore how to mitigate threat exposure in cloud infrastructures.