Report: Cloud hackers are just 3 steps away from ‘crown jewel’ data.

Couldn’t attend Transform 2022? View all summit sessions in our on-demand library now! Watch here.

The massive acceleration in cloud deployment fueled by the pandemic has continued unabated. Gartner predicts that global spending on public cloud services will grow 20.4% to a total of $497.4 billion in 2022 and expects it to reach nearly $600 billion in 2023. This massive adoption comes with new security challenges.

To examine these challenges, the Orca Security Research Pod analyzed cloud workload and configuration data captured by billions of cloud elements in AWS, Azure, and Google Cloud from January 1 to July 1, 2022. Findings show that in rush to move resources to the cloud, organizations are struggling to keep up with ever-expanding cloud attack surfaces and the growing complexity of multicloud. The current shortage of skilled cybersecurity personnel further exacerbates the situation.

Threat actors have a clear advantage as the research found that once they gain access to an organization’s cloud environment, they only need to find three connected and exploitable weaknesses in a cloud environment to reach a “crown jewel” asset such as personally identifiable information (PII) or credentials that allow root access.

The top entry point exploited by hackers to get this close to the crown data is known vulnerabilities (CVEs) that are not patched immediately (78% of attack paths). This highlights the need for organizations to prioritize vulnerability patching. However, since it’s simply not feasible for teams to patch all vulnerabilities, it’s necessary to patch strategically, understanding which vulnerabilities pose the greatest risk to the company’s jewels so they can be patched first.


MetaBeat 2022

MetaBeat will bring together thought leaders to provide guidance on how metaverse technology will transform the way all industries communicate and do business on October 4 in San Francisco, California.

Register here

Image source: Orca Security.

The research further shows that organizations leave plenty of opportunity for threat actors to move down the attack path, as 75% have at least one asset that allows lateral movement to another asset. And cyber attackers have more than enough time to complete the three jumps, as it takes organizations an average of 18 days to mitigate an impending compromise alert.

Commenting on the research, Fernando Montenegro, senior principal analyst at Omdia, said: “Orca Security’s State of Public Cloud Security report is interesting as it highlights the range of issues affecting organizations now working in cloud environments. Of particular note, it rightfully clarifies issues such as identifying sensitive resources, paying close attention to identity and access credentials, and considering the different attack paths an adversary might use.”

The Orca Research Pod compiled this report by analyzing data captured from January 1 to July 1, 2022, from billions of cloud assets in AWS, Azure, and Google Cloud scanned by the Orca Cloud Security Platform.

Read the full report from Orca Security.

VentureBeat’s mission is set to be a digital town square for technical decision makers to learn about and transact business-transformative technology. Discover our Updates.

Leave a Comment