Attacks on cyberspace targeting cloud services have increased significantly in recent months as cybercriminals try to take advantage of the increase in remote work to gain access to corporate accounts.
The Covid-19 pandemic and subsequent social distance measures have forced organizations and employees to adapt to work from home with the help of cloud-based services.
However, the increasing use of these services - which allow users to connect and access corporate resources remotely - has also led to an increase in hackers seeking to take advantage of their growing popularity in order to steal login credentials, sensitive information. and other data.
A new report by cybersecurity company McAfee reveals that the number of remote attacks targeting cloud services increased by 630% between January and April this year. Data in the Cloud Adoption & Risk Report is based on data from 30 million McAfee users worldwide.
While some corporate connection credentials could possibly be purchased from a dark forum, in many cases these cloud account breach attempts will be based on attacks. brute-force, with criminals in cyberspace try common or simple passwords in an attempt to gain access.
The attacks fall into two broad categories. The first is overuse of an abnormal site, where connection efforts come from a site that has not been used before and is not known to the organization. The nature of the cloud means that intruders can make connection attempts from anywhere.
The second category is what researchers call 'suspicious superhuman', which involves multiple attempts. connection in a short time from geographically different locations, which are impossible for a person to travel with each other in a short time.
For example, a user could be seen connecting to an app from Asia, but then connecting to another a few minutes later from a site in North America.
However, due to the increasing use of cloud services, it may not always be obvious to security teams that something suspicious has happened, especially if they are responsible for monitoring thousands of accounts on a large organization.
"While we see tremendous courage and global goodwill to overcome the COVID-19 pandemic, we also unfortunately see an increase in hackers who want to take advantage of the sudden increase in cloud adoption created by rising home work," he said. said Rajiv Gupta, McAfee's senior vice president for cloud security.
"The risk of threatening targets targeting the cloud far outweighs the risk posed by changes in employee behavior," he added.
While the increase in remote work and attackers who want to exploit it create potential security problems, organizations can manage the risk relatively simply. One way to achieve this is through the use of control identity of many factors, so if an intruder successfully imports the right login credentials, there is an additional barrier that prevents them from acquiring access in an account.