A recent report by Datadog has highlighted a concerning trend where almost half of organizations are found to have users with “long-lived” credentials in cloud services, putting them at a higher risk of falling victim to data breaches. These long-lived credentials, such as authentication tokens or keys in the cloud that remain valid for an extended period of time, have been identified as a major security loophole that attackers exploit to compromise sensitive information.
According to the findings in Datadog’s 2024 “State of Cloud Security” report, long-lived credentials are a widespread issue across all major cloud services, including Google Cloud, Amazon Web Services (AWS), and Microsoft Entra. Shockingly, many of these credentials are not even actively used and are often leaked in source code, providing unauthorized access to critical data and application artifacts. The researchers discovered that 62% of Google Cloud service accounts, 60% of AWS IAM users, and 46% of Microsoft Entra ID applications have access keys older than one year, highlighting the magnitude of this security risk.
The presence of long-lived credentials poses a significant challenge for organizations in managing their cloud security effectively, especially at scale. In response to these alarming findings, Datadog experts recommend avoiding the use of long-lived credentials altogether to mitigate the risks associated with unauthorized access and data breaches.
Andrew Krug, head of security advocacy at Datadog, emphasized the need for companies to prioritize modern authentication mechanisms, implement short-lived credentials, and proactively monitor changes to APIs commonly targeted by attackers. Krug noted, “The findings from the State of Cloud Security 2024 report suggest it is unrealistic to expect that long-lived credentials can be securely managed. To protect themselves, companies need to secure identities with modern authentication mechanisms, leverage short-lived credentials, and actively monitor changes to APIs that attackers commonly use.”
In conclusion, the prevalence of long-lived credentials in cloud services poses a significant threat to organizations, making them more susceptible to data breaches and unauthorized access. By heeding the recommendations provided by security experts and adopting best practices in cloud security management, organizations can enhance their defenses against potential security risks and safeguard sensitive information stored in the cloud. It is crucial for organizations to prioritize security measures to prevent the exploitation of long-lived credentials and protect their valuable data from cyber threats.