In its latest annual security report, Check Point Software, a leading provider of cybersecurity solutions to businesses and governments worldwide, reflected on what has been a volatile twelve months in the cybersecurity industry. The threat landscape is more complex than ever, and risks remain at an all-time high. Therefore, a new approach to safety in cloud in 2023 and it is crucial to realize that simply offering training courses is not enough.
There is a constant need for vigilance when it comes to cybersecurity in the cloud and while the shift to hybrid work was an inevitable pivot post-pandemic (COVID-19), also made it easier for cybercriminals to exploit companies across the supply chain network. When comparing the last two years, we have seen a significant increase in the number of attacks per organization on networks based in cloud, which increased by 48% in 2022 compared to 2021.
In addition to attempts to exploit vulnerabilities, cloud environments have become both the source and target of security incidents and breaches involving inadequate access management, sometimes combined with the use of compromised credentials. In March 2022, the group of ransomware Lapsus $ announced, in a communiqué in his group of Telegram, who had gained access to the Okta, an identity management platform. O Lapsus $ has a history of publishing confidential information, often source code, stolen from high-profile technology companies such as Microsoft, NVIDIA and Samsung. However, this time, the actors claim that their target was not the girl herself. Okta, but your customers.
After the breach, Okta released an official statement revealing that approximately 2,5% of its customers were affected by the breach of Lapsus $, about 375 companies, according to independent estimates. O Okta, a software based on cloud, is used by thousands of companies to manage and secure user authentication processes, as well as by developers to create identity controls. This means that hundreds of thousands of users around the world could potentially be compromised by the company responsible for their security.
What is the reason for the increase in chain attacks supply?
Being an agile and unlimited storage space, the cloud it allows users to store sensitive data and perform complex tasks that cannot be done on traditional servers, which makes it an attractive proposition for cybercriminals.
According to Gartner, 60% of organizations currently work with more than 1000 third-party vendors, all of which are critical to their success, but which will leave users vulnerable to an unprecedented level of risk. Gartner also predicts that by 2025, 45% of organizations worldwide will have experienced cyberattacks in their software supply chains, three times more than in 2021.
Why should cloud security be a priority in 2023?
The platforms cloud represent a gold mine for malicious actors, especially considering the size of supply chain networks. cloud from many organizations. Once a hacker gets in, they have carte blanche to act however they want. It could be anything from injecting malicious content to infect users or wiping all data stored on a given platform.
Ensuring that cloud platform security protocols are correctly configured should be a top priority for organizations and their supply chain networks, otherwise your data and your customers' data are at significant risk.
A incorrect configuration of platforms cloud it is not a new problem, as it currently affects millions of users and is often the result of a lack of awareness, adequate policies and security training. But how can organizations solve the problem? Simply raising employee awareness and training is not enough. Conducting meaningful testing along with robust security measures is the only way to better protect organizations from the threat of supply chain attacks. cloud.
