Unit 42 Uncovers 34M Security Flaws Across Major Clouds


More than 34 million vulnerabilities across various major cloud providers including Amazon Web Services (AWS), Microsoft Azure, and Google Cloud show companies still struggle to secure public cloud platforms, according to a Unit 42 report.
 
Unit 42 is Palo Alto Networks’ threat intelligence group. Its latest Cloud Threat Report, based on intelligence gathered from multiple data sources between January 2018 and late June 2019, found that 65% of reported incidents resulted from cloud misconfigurations. As a result, data leakage is the primary outcome of public cloud infrastructure attacks.
 
Researchers also found poor on-premises security habits — like not patching software — carry over to public cloud. Millions of the vulnerabilities discovered originated from applications running on cloud providers’ infrastructure, such as outdated Apache servers and vulnerable jQuery packages.
 
These include:
 
- 29,128,902 vulnerabilities in Amazon Elastic Compute Cloud (EC2)
- 1,715,855 in Azure Virtual Machine
- 3,971,632 in Google Cloud Platform Compute Engine
 
Companies should consolidate vulnerability management tools to create a cloud-centric view, Unit 42 says.
 
Containers pose another major security risk. Researchers found more than 40,000 container systems were operating under default configurations. This is nearly 51% of all publicly exposed Docker containers. Many of these systems allowed unauthenticated users to access data in these containers.
 
Unit 42 has been tracking the China-based hacking group Rocke for some time, and found 28% of organizations had established communications with malicious cryptomining C2 domains operated by the group.
 
In January, Unit 42 reported on new cryptomining malware by Rocke that specifically targeted public clouds and could uninstall cloud security software.