Attempted attacks on cloud-based networks, specifically vulnerability exploits, increased last year. The greatest increase was observed in Asia (+60%), followed by Europe (+50%) and North America (+28%).

This was reported by Check Point Research, which found a 48% year-on-year increase in cloud-based cyber attacks, a consequence of organizations increasingly moving their operations to the cloud.

In addition, researchers found that cybercriminals are taking advantage of the most recent CVEs, recorded in the last two years, to attack through the cloud, unlike what happens with on-premises attacks.

Cloud-based network attacks

At present, 98% of global organizations use cloud-based services, and approximately 76% of them have multicloud environments, with services from two or more providers.

Looking at the last two years of the threat landscape, the current number of attacks on cloud-hosted networks remains 17% lower than on networks that are not cloud-hosted. However, when the attack types are broken down, and vulnerability exploits in particular, there is greater use of the most recent CVEs.

In November, the FBI and CISA revealed in a joint advisory that an unidentified Iran-backed threat group hacked a Federal Civilian Executive Branch (FCEB) organization to deploy XMRig cryptomining malware. The attackers compromised the federal network after hacking an unpatched server using an exploit for the Log4Shell remote code execution vulnerability.

Security recommendations

The move to the cloud goes hand in hand with the adoption of new security tools. Check Point Software recommends the following practices to maintain more robust security:

  • Zero Trust security controls in isolated networks and microsegments: Business-critical resources and applications should be deployed in logically isolated sections of the provider's cloud network, such as virtual private clouds (AWS and Google) or VNet (Azure). To microsegment workloads from one another, use subnets with granular security policies at the subnet gateways. In addition, user-defined routing configurations should be used to customize access to virtual devices, virtual networks and their gateways, and public IP addresses.
  • Security as a new priority: Protection and regulatory compliance must be incorporated at an early stage of the software life cycle. With security checks integrated continuously into the deployment process, instead of at the end, DevSecOps can find and fix security vulnerabilities at an early stage, which accelerates an organization's time to market.
  • Vulnerability management: Establishing monitoring policies ensures that a deployment complies with corporate code-integrity policies. These policies alert on deviations and can block the deployment of unauthorized elements. Remediation processes should be created to alert the development team about non-compliant files and apply the appropriate corrective measures. Likewise, tools should be incorporated to scan for vulnerabilities and to check the software bill of materials (SBOM) in order to quickly identify components with critical vulnerabilities.
  • Avoid misconfiguration through continuous analysis: Cloud security providers offer robust posture management, systematically applying control and compliance rules to virtual servers. This helps ensure that they are configured according to best practices and properly segregated with access control rules.
  • Protect applications with active prevention through IPS and firewall: Malicious traffic must be prevented from reaching web application servers. A WAF can automatically update its rules in response to changes in traffic behavior.
  • Improved data protection with multiple layers: Data protection must be maintained at all layers of file shares and communications, along with continuous management of data storage resources. Detecting misconfigured buckets and identifying orphaned resources provides an additional layer of security for an organization's cloud environment.
  • Real-time threat detection: Third-party cloud security providers add context by intelligently cross-referencing log data with internal data, asset and configuration management systems, vulnerability scanners, external data, etc. They also provide tools that help visualize the threat landscape and improve response times. AI-based anomaly detection algorithms are applied to detect unknown cyber attacks, which are then analyzed to determine their risk profile. Real-time alerts on intrusions and violations shorten reaction times, sometimes even triggering automatic remediation.
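
The vulnerability management recommendation above (policies that alert on deviations and can block a deployment, backed by an SBOM) can be expressed as a deployment gate. The following Python example is added here for illustration and is not code from Check Point or the original article; the policy table, its version thresholds, and the CycloneDX-style sample SBOM are constructed assumptions.

```python
import json
import re

# Constructed policy (assumption): component name -> first version treated as fixed.
MIN_FIXED = {"log4j-core": "2.17.1", "example-lib": "1.4.0"}

def parse_version(text):
    """Tuple of ints for a plain 'X.Y.Z' string, else None."""
    if not re.fullmatch(r"\d+(\.\d+)*", text or ""):
        return None
    return tuple(int(part) for part in text.split("."))

def older_than(have, need):
    """Compare after zero-padding so that 1.4 equals 1.4.0."""
    width = max(len(have), len(need))
    pad = lambda v: v + (0,) * (width - len(v))
    return pad(have) < pad(need)

def audit_sbom(sbom, policy=MIN_FIXED):
    """Return (name, version, reason) findings for a CycloneDX-style SBOM dict."""
    findings = []
    def walk(components):
        for comp in components or []:
            name, version = comp.get("name"), comp.get("version")
            if name in policy:
                have = parse_version(version)
                if have is None:  # pre-release or missing version: fail closed
                    findings.append((name, version, "unparseable version"))
                elif older_than(have, parse_version(policy[name])):
                    findings.append((name, version, f"below {policy[name]}"))
            walk(comp.get("components"))  # components may nest
    walk(sbom.get("components"))
    return findings

def deploy_allowed(sbom):
    """Gate decision: block the deployment if the audit returns any finding."""
    return not audit_sbom(sbom)

# Constructed sample SBOM; names and versions are chosen for the example only.
SAMPLE_SBOM = json.loads("""
{"bomFormat": "CycloneDX", "specVersion": "1.4", "components": [
  {"type": "library", "name": "log4j-core", "version": "2.14.1"},
  {"type": "application", "name": "billing-service", "version": "3.2.0",
   "components": [
     {"type": "library", "name": "example-lib", "version": "1.4"},
     {"type": "library", "name": "log4j-core", "version": "2.0-beta9"}]}]}
""")

if __name__ == "__main__":
    for name, version, reason in audit_sbom(SAMPLE_SBOM):
        print(f"BLOCK {name} {version}: {reason}")
```

The gate fails closed: a component on the policy list whose version string cannot be parsed is reported as a finding rather than silently passed.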