Nearly half of cybersecurity attacks now go through the public cloud, and AWS accounts for almost all of the attacks from the cloud. This is revealed by two studies published simultaneously by Netskope and Imperva …
The cloud is increasingly exploited by cybercriminals. According to the study “Cloud and Threat Report” published by Netskope in February 2020, 44% of cybersecurity attacks are now using cloud services at various stages of the process.
The thugs are targeting popular cloud apps and services, taking advantage of the confidence that companies have in these platforms and the general lack of cloud security. The most targeted applications are GitHub, Microsoft Office 365 for Business, Box, Google Drive and Microsoft Azure.
This phenomenon is not surprising, at a time when the average business uses 2,145 cloud services and applications. The most popular application categories are cloud storage, collaboration, mailboxes, and social media. The most popular applications within companies are Google Drive, YouTube, Microsoft Office 365 for Business, Facebook, Gmail, SharePoint, Outlook, Twitter, Amazon S3 and LinkedIn.
AWS represents 94% of cyber attacks starting in the public cloud
In addition, researchers are finding that more and more applications and private data are being migrated to the Cloud. Likewise, at least 20% of business users transfer their data laterally between cloud applications.
Near 40% of data transferred between cloud applications is sensitive, and the lateral movements cover 2481 Cloud services and applications. More than half of breaches of data confidentiality come from storage tools, Cloud collaboration, or email services.
Among the cyber attacks starting with the public cloud, Amazon Web Services (AWS) is the primary source. According to another Cyber Threat Index study published the same day by Imperva, AWS represents 94% of web attacks starting in the public cloud. This type of attack increased by 16% between November and December 2019. In fact, researchers believe that public cloud providers should pay more attention to harmful behavior on their platforms …