
The total number of cloud intrusion incidents increased by 75 per cent in 2023, significantly surpassing 2022.

That’s according to figures from CrowdStrike. Cloud intrusion covers unwanted and unauthorized access to cloud environments and applications. CrowdStrike classifies the majority of cloud intrusion cases as cloud-agnostic. In these cases, the intruder is unaware of having compromised a cloud environment or has not taken advantage of cloud features.

The other category, “cloud-conscious cases,” accounts for fewer cloud incidents but is growing faster in percentage terms and is quite dangerous. Here, the intruder is aware of the possibility of compromising cloud workloads and uses this knowledge to abuse cloud features for malicious purposes.

Primarily financially motivated

Financially motivated cybercriminals in particular, called eCrime adversaries, actively attack cloud environments. According to CrowdStrike, probably 84 per cent of cloud-conscious intrusion cases come from eCrime adversaries.

In particular, the hacker group Scattered Spider is responsible for the increase in cloud-conscious activity. This group accounted for 29 per cent of the cases in 2023. “Throughout 2023, SCATTERED SPIDER demonstrated progressive and sophisticated tradecraft within targeted cloud environments to maintain persistence, obtain credentials, move laterally and exfiltrate data,” CrowdStrike concludes.
