Cybercriminal habits were analyzed in a recent report by Orca Security. The report reveals that attackers typically find exposed “secrets”— pieces of sensitive information that allow access to an enterprise cloud environment — in as little as two minutes and, in many cases, begin exploiting them almost instantly.
The research was conducted between January and May 2023, beginning with the creation of “honeypots” on nine different cloud environments that simulated misconfigured resources in the cloud to entice attackers. Each contained a secret Amazon Web Service (AWS) key. Key findings of the report include: