Cybercriminals are increasingly taking advantage of configuration errors within cloud-based applications, according to a new IBM report.
The most common path for cybercriminals to compromise cloud environments was via cloud-based applications, representing 45% of incidents in IBM X-Force IRIS cloud-related case studies, the technology giant said in a statement.
A lack of basic security hygiene, including governance, vulnerabilities, and misconfigurations, remains the top risk factor enterprises need to address when moving to the cloud.
According to the Armonk, New York-based technology giant, 66% of respondents surveyed in the IBM Institute for Value Survey of 930 senior business and IT (information technology) professionals said that they rely on cloud providers for baseline security. However, this is risky because configuration issues – which are typically users’ responsibility – are most often to blame for data leaks, accounting for over 85% of all breaches.
Financial motivation was the most important threat, though nation-state actors are also a persistent risk, according to the survey, titled the X-Force IRIS cloud security landscape report. Ransomware was deployed three times more than any other type of malware in cloud environments in IBM incident response cases, followed by crypto miners and botnet malware, the report said.
Hackers used tactics such as brute-forcing and exploitation of vulnerabilities and misconfigurations, IBM said. It added that vulnerabilities often remained undetected due to “shadow IT,” when an employee goes outside approved channels and accesses a vulnerable cloud app.
IBM said that organisations need to quickly adapt to hybrid, multi-cloud environments, indicating that the ease and speed at which new cloud tools can be deployed can also make it harder for security teams to control their usage.
"Organisations need to let go of legacy assumptions and pivot to new security approaches designed specifically for this new frontier of technology, leveraging automation wherever possible. Along with the regulatory obligations and compliance mandate, as well as the unique technical and policy-driven security challenges and external threats targeting the cloud," Abhijit Chakravorty, cloud security competency leader at IBM Security Services, said.
Data from technology research firm IDC shows that more than a third of companies purchased more than 30 types of cloud services from 16 different vendors in 2019, indicating the complexity and fragmentation of cloud infrastructure and solutions in the market. IBM said that cybercriminals are targeting cloud environments with customised malware, ransomware and other methods.
"Companies must quickly re-evaluate their security policies and we are working with clients to help migrate their mission-critical workloads to cloud by ensuring security is baked in at every level. How customers can shift their security approaches to protect increasingly dispersed, hybrid-cloud environments is important," said Prashant Bhatkal, security software leader at IBM India and South Asia.
Earlier this week, information technology services firm Wipro had partnered with IBM to help its enterprise customers accelerate their hybrid cloud journey by setting up a joint innovation centre in Bengaluru. Dubbed Wipro IBM Novus Lounge, the centre will build solutions that will leverage cloud, artificial intelligence (AI), machine learning (ML) and the internet of things (IoT) technology platforms.
IBM had leveraged its collaboration with IT services firm Persistent Systems to accelerate the deployment of its Cloud Pak solution, an enterprise-ready containerised software solution that is built on the Red Hat OpenShift software and helps companies move business applications to the cloud.