2 min

Tags in this article

, ,

Compared to 2019, the number of threats to cloud environments appears to have doubled. Login credentials are in particular in high demand by hackers.

The recently released 2023 Cloud Threat Landscape Report from IBM shows that between June 2022 and June 2023, about 80 percent of all data breaches targeted the cloud. In addition, the number of cloud-related breaches doubled from four years ago.

In addition, the researchers found that cloud-related breaches mostly revolve around stealing user login credentials. Especially popular are those for Microsoft Outlook. IBM X-Force specialists found that about 5 million of the breaches investigated targeted this application’s login credentials.

Plain text login data and proxy jacking

Other commonly stolen login credentials were plain text cloud login credentials. These accounted for more than a third of all reported incidents. Login credentials for service accounts that had additional access privileges were especially popular. These make it easier for cybercriminals to penetrate deeper into affected networks. Moreover, problems with these accounts are difficult to track down because they often do not belong to an identifiable user.

Furthermore, proxy jacking is taking off, according to the researchers. Here, hackers abuse the bandwidth space of a legitimate end user for their own malicious actions.

Concerning prospects

In their study, the researchers paint a concerning future when it comes to cloud threats and stealing login credentials. First of all, obtaining stolen login credentials on the dark web is becoming cheaper and cheaper. These can now be obtained for as little as $10. Furthermore, a large botnet can earn hackers hundreds of thousands of dollars a month in revenue.

According to IBM, companies are also finding it increasingly difficult to determine the extent to which they are at risk, especially with the rise of shadow IT and uncontrollable vulnerabilities. In this way, they may be underestimating how vulnerable they are.

Also read: Login credentials are the main entry point for hackers into your cloud