Companies have embraced the cloud and accelerated adoption, but with insider access to infrastructure now more widely available, can businesses defend their expanded attack surface?
The pandemic pushed companies to accelerate their adoption of cloud services, infrastructure, and workloads to support a growing remote workforce, but the shift has redefined who represents an insider threat — nearly anyone, and any workload, with a set of credentials.
No wonder, then, that attackers are increasingly taking aim at cloud services and infrastructure using credential stuffing, phishing, and other identity attacks. An estimated 85% of Web application attacks used stolen credentials in 2021, according to Verizon’s annual “Data Breach Investigations Report,” while Microsoft estimates that 70% of attacks start with phishing, another identity-focused attack.
These are not new tactics on the part of adversaries, but they show that they are making use of the growing attack surface area, says Carolyn Crandall, chief security advocate at Attivo Networks, an identity detection and response firm.
“With the move to a hybrid workforce and the migration to AWS and Azure environments, this has been very difficult for security teams to manage,” she says. “It is not necessarily that the attacks are changing to take greater advantage of identities as much as it is that this is a new attack surface that is very large that has made the risks exponentially higher.”

Read more: https://bit.ly/35NeShn