Skip to content

Introducing Security Risks into Cloud Environments

Cloud Security: Key Concepts, Threats, and Solutions - Security News

Over the past ten years, cloud computing and its various forms—private, public, hybrid, or multi-cloud environments—have increased due to innovation and expansion. However, cybercriminals have closely observed the migration and have introduced their inventions to exploit the platforms. The majority of these exploits are the result of improper setups and human mistakes. According to recent IBM Security X-Force data, many companies utilizing the cloud are falling behind on fundamental security best practices, increasing the risk to their enterprises from security risks.

Want to know more about IBM? Visit our course now.

The 2022 X-Force Cloud Threat Landscape Report reveals the “cracked doors” that cybercriminals are using to access cloud settings and finds that vulnerability exploitation, a tried-and-true infection strategy, continues to be the most popular approach to accomplish cloud infiltration. Some of the major findings from the report, which was produced between July 2021 and June 2022 using data from X-Force Threat Intelligence, hundreds of X-Force Red penetration tests, X-Force Incident Response (IR) engagements, and data supplied by report contributor Intezer, highlighting security risks include:

  • Cloud Vulnerabilities are on the Rise – Despite a six-fold rise in new cloud vulnerabilities over the previous six years, unpatched vulnerabilities became the most common entry point seen in 26% of cloud compromises to which X-Force replied.
  • More Access, More Problems – Through users’ excessive privileges and permissions, X-Force Red was successful in attacking user cloud infrastructures in 99% of malware analysis engagements. This kind of access might enable attackers to change direction and travel laterally throughout the surroundings of a victim, heightening the impact of an assault.
  • Cloud Account Sales Gain Grounds in Dark Web Marketplaces – Cloud account sales on illegal markets have increased by 200%, according to X-Force, with remote desktop protocol and stolen credentials being the most common types of cloud account sales.

Number One Reason for Cloud Compromise: Unpatched Software for Security Risks

More and more IoT devices are connecting to cloud settings, increasing the potential attack surface and creating serious security risks for many enterprises, such as proper vulnerability management. As an illustration, the paper revealed that known, unpatched vulnerabilities were exploited to cause more than 25% of the cloud incidents it investigated. While the Log4j vulnerability and a vulnerability in VMware Cloud Director were two of the more usually exploited vulnerabilities seen in X-Force engagements, the majority of vulnerabilities found that were used to compromise applications mostly affected the on-premises versions, sparing the cloud instances.

As expected, there is a constant growth in cloud-related vulnerabilities; in fact, X-Force has seen a 28% increase in new cloud vulnerabilities just in the past year. Businesses struggle to keep up with the need to update and patch an expanding volume of vulnerable software because there have been over 3,200 cloud-related vulnerabilities reported overall to date. The increase in vulnerabilities that can provide attackers access to increasingly sensitive and important data as well as the opportunity to start more harmful attacks and security risks is evidence that not only is the number of cloud-related vulnerabilities expanding but so is their severity.

In order to provide the most effective security risk mitigation, businesses should pressure test their environments to detect weaknesses like unpatched, exploitable vulnerabilities. Businesses should also prioritize these weaknesses based on their severity.

Excessive Cloud Privileges Encourage the Lateral Movement of Bad Actors

The report also sheds light on another concerning trend in cloud environments: poor access controls, with 99% of X-Force Red’s automated testing engagements successful as a result of users’ excessive permissions and privileges. Businesses mistakenly create a stepping stone for attackers to get a deeper foothold in the victim’s cloud environment by giving users inappropriate degrees of access to many applications across their networks.

In order to further reduce the danger that user activities exhibiting excessive trust introduce, the trend highlights the necessity for firms to transition to zero trust methods to mitigate security risks. Businesses can implement the proper policies and controls to investigate connections to the network, whether they are made by an application or a user, and iteratively validate their validity using zero trust methodologies. Additionally, it’s important that businesses properly secure their hybrid, multi-cloud systems as they modify their business models to innovate quickly and adapt easily.

Modernizing their architectures is important to do this. Since not all data require the same level of control and supervision, it is crucial to identify the right workloads and position them where they are needed. This not only enables businesses to manage their data effectively but also to put effective security controls around it, supported by appropriate security technology and resources.

Dark Web Marketplaces Lean Heavier into Cloud Account Sales

As cloud computing becomes more popular, more cloud accounts are being sold on the Dark Web, as shown by X-Force, which has seen a 200% increase in the past year alone. Over 100,000 cloud account adverts were found by X-Force on Dark Web marketplaces, with some account types being more popular than others. Remote Desktop Protocol (RDP) access accounts accounted for 76% of cloud account purchases, a modest increase from the previous year. 19% of the cloud accounts advertised in the marketplaces that X-Force examined were compromised cloud credentials.

Because the going rate for this kind of access is so minimal, the ordinary bidder may readily access these accounts. RDP access costs an average of $7.98, and compromised credentials cost an average of $11.74. The simplicity of compromised credentials and the fact that postings advertising credentials usually include multiple sets of login information—possibly from other services that were stolen along with the cloud credentials—are probably to blame for their 47% higher selling price. This increases the ROI for cybercriminals.

Organizations must seek to enforce stricter password standards by advising users to often update their passwords and using multifactor authentication as more compromised cloud accounts appear across these illegal marketplaces for bad actors to exploit (MFA). Businesses should use Identity and Access Management tools to prevent credential theft from threat actors and lessen their dependency on login and password combinations.

By clicking here, you can have an idea why Security Risks is being introduce into Cloud Environments.


Here at CourseMonster, we know how hard it may be to find the right time and funds for training. We provide effective training programs that enable you to select the training option that best meets the demands of your company.

For more information, please get in touch with one of our course advisers today or contact us at training@coursemonster.com