Cloud Threats on the Rise: Alert Trends Show Intensified Attacker Focus on IAM, Exfiltration
1 min read
Summary
Cloud infrastructure is under increasing attack, with attackers proactively targeting cloud resources
A variety of sensitive cloud-based resources — including identity and access management (IAM), storage, virtual machines and containers — are targeted, indicating a heightened level of attacks against cloud infrastructure, as shown in Table 1.
Between January and December 2024, cloud environments saw almost five times as many daily alerts relating to potential security incidents, with high-priority alerts increasing by 235% over the year.
There was a 388% increase in the average number of alerts experienced by organizations.
High severity cloud alerts were the source of twice the number of daily alerts relating to runtime events, rather than to cloud configuration.
There was a notable increase in the number of suspicious downloads of cloud storage objects and images, as well as an increased number of cloud snapshot exports.
Cloud environments need to be secured with both foundational cloud security tools and tools that can detect and prevent malicious runtime operations.
A combination of runtime monitoring, analysis and response for cloud resource event logging is essential to ensure that malicious operations are not allowed to function within cloud environments.
