Evolving cloud threats were observed in the last half of 2023

Computer screen with coding in colored text

Image via Unsplash

A report by Cado Security reveals tactics deployed by malicious actors in last six months of 2023. The report found that in cloud environments, attackers are exploiting web-facing services in order to obtain access. They are also targeting services that need technical expertise to exploit rather than targeting generic servers. The most frequently exploited cloud service is Docker, accounting for 90.65% of honeypot traffic.

Malicious actors are taking advantage of the infrastructure of hosting companies around the world. The report identified malware campaigns (like P2Pinfect) that possessed a wide global distribution, including nodes belonging to providers in the United States, Germany and China. This suggest that regardless of the location of an organization’s infrastructure, it can still be exploited.

Although cryptojacking is still a threat, it is no longer the only threat security leaders may face from cloud attackers. The report observed a diversification of threats in recent malware campaigns, making infrastructure subject to a wider variety of attacks.

ON DEMAND: In this webinar, Regina Lester, Vice President of Security & Safety Operations at Toledo Zoo, will share her insights on implementing security technologies in the entertainment sector and the challenges all organizations face — large and small — when it comes to balancing budget and security.