A new report has revealed that 25% of enterprises have suffered from cloud cryptojacking incidents, a sharp increase from the 8% that was recorded from last quarter. As more enterprises increase their activities in the cloud, this area has become a natural target for malicious attackers. IT security experts commented below.
Chris Doman, Security Researcher at AlienVault:
“Most of these attacks are opportunistic – the attackers scan the internet for vulnerable systems in any environment, many of which are with cloud providers.
Cloud providers are well aware of the risk, for example Microsoft has released good advice and tools for detecting currency miners within their Azure environment.
Enterprises should continuously look for any crypto-mining activity and investigate it’s cause – which can be detected fairly easily both with network and host detection.
There has been a big jump in the number of mining attacks against servers (“cryptojacking”) over the last year.”
Martin Jartelius, CSO at Outpost24:
“The popularity of cloud means more and more organizations are hosting their critical infrastructure on it, but not necessarily taking the right security measures to protect their critical assets. However, the shared trust that is necessary for a secure cloud operation may not be well understood by the organizations that adopt cloud infrastructures. They may have overlooked that a new set of security controls are required to safeguard the assets and infrastructure. For an attacker, there are powerful economics at play. When looking for free computer power, cloud infrastructure becomes a tempting target for cryptojackers as Tesla found out earlier this year. The combination of a higher risk exposure and an increased probability of success for attackers is like hanging a “Hack me” sign on your account. Furthermore, the standardization in cloud environments lends itself to automation, making exploitation more cost efficient.
For organizations, it is essential to perform audits of their accounts and environments – a hardening review is a good start, but continuity is the key to reduce the risk exposure. Use automated solutions to audit and track the security level of both the cloud accounts as well as business assets, continuously. This is relevant not only to protect your organization’s critical data, but remember that maintaining a sound baseline is part of the GDPR requirements for data protection. Hardening and audits are also clearly one of those basic practices”
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.