Approximately 7.5 million external attacks were recorded against cloud accounts during the second quarter, with over 200,000 of those against UK business, security firm McAfee has revealed.
The findings were based on the aggregated and anonymised cloud usage data from more than 30 million McAfee MVISION cloud users worldwide from all major industries, detailed in a new McAfee Labs Threats Report for 2020.
The UK has been ranked seventh on a top ten list showing the most cloud attacks by region, with just over 200,000. This is followed by Brazil and the Netherlands, at around 250,000, Russia and New Caledonia at just under 300,000, and India at 450,000. Thailand currently experiences the highest number of attacks against cloud accounts, with 625,000.
The report also found that Q2 saw a 605% increase in COVID-19-themed attack detections, following the trend of hackers exploiting the pandemic for criminal activities. Overall, during this past quarter, McAfee managed to observe an average of 419 new threats per minute.
Commenting on the findings, Nigel Hawthorn, data privacy expert for cloud security at McAfee, said that “the fact that there have been nearly 7.5 million attacks on users via cloud services in the second quarter of this year highlights how criminals have been quick to pivot attack methods to take advantage of the pandemic”.
“The move to widespread remote working has required many industries to adopt new cloud services to maintain staff productivity, communication and collaboration. When managed correctly, however, the cloud is the most secure place to do business and an incredible driver of business growth, innovation and resiliency. Incorporating cloud into strong data governance policies and regular staff training are the keys to making this a reality,” he added.
Hawthorn recommended that IT teams should be “able to quickly identify, prioritise and respond to these targeted attacks – across both device and cloud”.
“Technology can play a key role in helping security professionals understand whether their organisation is at risk, what specific threats they are susceptible to, and how they can pre-empt an attack,” he added. “This must go hand-in-hand with a shared responsibility security model. Everyone is accountable in some way and must play their part to protect data against cybercriminals.”