A recent study of cloud security vulnerabilities found that a staggering 74% of organizations have publicly exposed storage containing sensitive data. The main cause of this exposure was unnecessary or excessive permissions granted to these storage resources. As organizations make greater use of cloud-native applications, the amount of sensitive data stored in the cloud has also risen. This includes customer and employee information, as well as valuable business intellectual property, making cloud storage an attractive target for hackers.
During the reporting period, a significant number of ransomware attacks targeted cloud storage resources with excessive access privileges. These attacks could have been prevented if proper security measures had been in place to restrict access to sensitive data.
A detailed analysis of the exposed storage telemetry revealed that 39% of organizations have public buckets, while 29% have either public or private buckets with overprivileged access. Additionally, 6% of organizations have public buckets with overprivileged access, further increasing the risk of data exposure.
However, the security concerns extend beyond storage. The study also found that a troubling 84% of organizations have unused or longstanding access keys with critical- or high-severity excessive permissions. These keys have been implicated in various identity-based attacks and compromises, such as the MGM Resorts data breach, the Microsoft email hack, and the FBot malware targeting web servers and cloud services. The misuse of access keys highlights the importance of proper identity and access management practices in cloud security.
One of the core risks associated with identity and access management (IAM) is the misuse of access keys and the permissions assigned to them. These keys essentially serve as the “keys to the kingdom” of cloud-stored data, making them highly valuable targets for threat actors.
Moreover, the study revealed that 23% of cloud identities on major hyperscalers like Amazon Web Services, Google Cloud Platform, and Microsoft Azure have critical- or high-severity excessive permissions. This includes both human and non-human identities, further complicating the security landscape of cloud environments.
According to Scott Young, principal advisory director at Info-Tech Research Group, the prevalence of security vulnerabilities in cloud environments can be partially attributed to human nature. As organizations continue to adopt cloud technologies and store increasing amounts of sensitive data in the cloud, it is crucial for them to prioritize strong security practices to safeguard against potential threats.
In conclusion, the study highlights the urgent need for organizations to reevaluate their cloud security posture and implement robust security measures to protect their valuable data stored in the cloud. By addressing the issues of excessive permissions, unused access keys, and improper identity management, organizations can mitigate the risks associated with cloud security vulnerabilities and prevent unauthorized access to sensitive information.