Hackers are increasingly aiming cyber attacks at cloud infrastructure, using it as an entry point to drive other attacks and relying on employees and businesses to misconfigure their infrastructure, leaving it open to attack.
That’s according to cyber security firm Symantec’s latest Internet Threat Security Report, which noted misconfigured servers and cloud infrastructure are providing tempting targets for cyber criminals.
“The same security mistakes that were made on PCs during their initial adoption by the enterprise are now happening in the cloud<” Symantec’s report explained.
“A single misconfigured cloud workload or storage instance could cost a company millions of dollars or land it in a compliance nightmare. In the past year alone, more than 70 million records were stolen or leaked from poorly configured S3 buckets. There are also numerous, easily-accessible tools that allow attackers to identify misconfigured cloud resources on the internet.”
The security company explained that hardware chip vulnerabilities, which can be found in the systems that underpin cloud infrastructure, such as Meltdown, Spectre, and Foreshadow are also exposing data to criminals.
The reason for cloud infrastructure to increasingly draw the eye of cyber criminals is that they are looking for alternative ways to generate income. as returns from ransomware and cryptojacking attacks are reducing.
The report noted that cyber criminals are also increasingly targeting online retailers to steal customer details using methods such as formjacking.
Formjacking allows criminals to steal user card data while they’re shopping online. It involves injecting code into badly-secured checkouts on retailer websites used to steal card details.
Symantec reported that more than 4,800 unique websites are injected with malicious code used in such attacks every month and it had blocked 3.7 million attempts to use such methods to steal card details in 2018.
“Formjacking represents a serious threat for both businesses and consumers,” said Greg Clark, CEO at Symantec.
“Consumers have no way to know if they are visiting an infected online retailer without using a comprehensive security solution, leaving their valuable personal and financial information vulnerable to potentially devastating identity theft. For enterprises, the skyrocketing increase in formjacking reflects the growing risk of supply chain attacks, not to mention the reputational and liability risks businesses face when compromised.”
During 2018, Symantec revealed that the number of hackers using more traditional methods of disrupting a company’s infrastructure, such as ransomware and cryptojacking had decreased significantly in 2018.
The reasons for this, Symantec cited, was that the value of cryptocurrency has reduced significantly and more businesses are adopting mobile and cloud computing, which makes attacks “less effective”.