The overwhelming majority of cyberattacks on cloud servers are designed to mine cryptocurrency rather than steal sensitive company information, according to a new report from Aqua Security.
Team Nautilus, the firm’s cybersecurity research team, tracked and analyzed 16,371 attacks between June 2019 and July of this year to compile its new Cloud Native Threat Report.
At the beginning of this year, cyberattacks against cloud systems skyrocketed, and Aqua Security recorded a 250 percent increase in the number of attacks compared to the previous year. During these attacks, cybercriminals tried to gain control over the company’s honeypot servers and deploy a malicious container image on them.
According to Aqua, 95 percent of the malicious container images loaded on its servers were aimed at mining cryptocurrency, while the rest were used to set up DDoS infrastructure to launch future attacks.
Based on its analysis of cyberattacks on its honeypot servers over a one-year period, Aqua Security believes that the threat landscape has shifted toward organized cybercrime as opposed to lone actors working independently.
The involvement of organized cybercrime groups is concerning because it has not only led to a spike in attacks but has also raised their complexity. According to Aqua, intrusion techniques have become more diverse while malware complexity has also increased. The firm observed malware strains using multi-stage payloads, 64-bit encoding to conceal their presence and techniques to disable competing malware from other groups of cybercriminals on the same system.
Idan Revivo, head of Team Nautilus, provided further insight on the firm’s report and offered advice for security teams dealing with these increasingly complex threats in a press release, saying:
“The attacks we observed are a significant step up in attacks targeting cloud native infrastructure. We expect a further increase in sophistication, the use of evasion techniques and diversity of the attack vectors and objectives, since the widespread use of cloud native technologies makes them a more lucrative target for bad actors. Security teams are advised to take the appropriate measures both in their pipelines as well as runtime environments, to detect and intercept such attempts.”