In the spring, hackers broke into companies’ cloud services primarily through employee login credentials. So IT teams better make it a priority to strengthen authentication methods and follow up on data breaches.
Hackers were able to enter enterprise cloud environments most often by misusing login credentials or methods. In the spring, sixty percent of intrusions occurred through this route. At least that’s according to the August 2023 Threat Horizons report. The report comes from Google’s Cybersecurity Action Team and deals with intrusions into Google Cloud.
A detailing table in the report further clarifies that hackers mainly exploit weak passwords, but login methods that do not require a password can also be the source. Overall, 54.8 percent of attacks originate this way. The exploitation of leaked login credentials accounts for the remaining 7.1 percent.
Evaluate employee cyber hygiene
It is clear that hackers manage to break in mainly through human mistakes. Employees of a company have always been a prime target of hackers. Therefore, phishing emails are not just a popular tool among hackers.
The main factor through which hackers enter your cloud environment is now known. But there are three other factors identified in the report. In nineteen percent of cases, hackers abused misconfigurations. This factor was associated with exploiting known weaknesses in user interfaces and APIs. Only 2.4 percent of incidents were found to be the result of vulnerable software.