Four out of five (80.3%) security vulnerabilities seen in organizations across all industries come from a cloud environment, Palo Alto Networks Unit 42 found in its latest attack surface threat research.
The report, released September 14, 2023, describes the most common cloud security breaches, 60% of which come from web framework takeover (22.8%), remote access services (20.1%) and IT security and network infrastructure (17.1%).
New services turn out to be a big deal
The report also highlighted how constant changes in cloud offerings have a significant impact on end-user exposure.
Researchers found that more than 45% of most organizations’ cloud-hosted high-risk exposures in a given month were observed on new services that were not present on their organization's cloud attack surface during the previous month.
This finding wouldn’t be too concerning if cloud providers weren’t so volatile. But they are: Unit 42 estimates that on average, more than 20% of externally accessible cloud services change every month.
This volatility is even more acute in the transportation and logistics as well as insurance and finance industries, where organizations see 27% and 24% of their cloud offerings change on a monthly basis, respectively.
How to mitigate cloud vulnerabilities
To protect against these types of attack surface vulnerabilities, Unit 42 suggested that organizations consider an attack surface management program to continuously discover, prioritize, and remediate exposures on their attack surface.
The Threat Research team also provided a list of mitigation recommendations. These include:
- Maintain a complete, real-time understanding of all assets accessible on the Internet, including cloud-based systems and services.
- Review and update cloud configurations regularly, aligning with best practices to mitigate security risks.
- Foster collaboration between security and DevOps teams to secure the development and deployment of cloud-native applications.
- Focus on resolving the most critical vulnerabilities and exposures, such as those with a high Common Vulnerability Scoring System (CVSS) score – which takes into account severity – and an Exploit Prediction Scoring System (EPSS) score – which takes into account probability – to reduce the chances of successful cyberattacks.
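
As an added illustration (not code from Unit 42 or the report), the sketch below diffs two monthly inventories of externally reachable services, measures how much of the surface changed, and ranks findings by CVSS and EPSS with exposures on new services surfaced early. The hostnames, findings, scores, thresholds, the churn definition and the ranking policy are all assumptions made for this example.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Exposure:
    service: str   # externally reachable "host:port"
    finding: str
    cvss: float    # severity, 0-10
    epss: float    # estimated exploitation probability, 0-1

def churn(prev, curr):
    """Return (new, removed, share of all services seen that changed)."""
    new, gone = curr - prev, prev - curr
    seen = prev | curr
    return new, gone, (len(new | gone) / len(seen) if seen else 0.0)

def is_high_risk(e, cvss_min=7.0, epss_min=0.1):
    # Thresholds are assumptions for this example, not values from the report.
    return e.cvss >= cvss_min and e.epss >= epss_min

def prioritize(exposures, new_services):
    """High-risk first, then exposures on new services, then by cvss * epss."""
    return sorted(exposures, key=lambda e: (not is_high_risk(e),
                                            e.service not in new_services,
                                            -(e.cvss * e.epss)))

def new_service_share(exposures, new_services):
    """Fraction of high-risk exposures that sit on services new this month."""
    high = [e for e in exposures if is_high_risk(e)]
    return sum(e.service in new_services for e in high) / len(high) if high else 0.0

# Constructed sample inventories (last month vs. this month) and findings.
PREV = {"www.example.com:443", "vpn.example.com:443",
        "mail.example.com:25", "old-api.example.com:8080"}
CURR = {"www.example.com:443", "vpn.example.com:443", "mail.example.com:25",
        "staging.example.com:3389", "ci.example.com:8080"}
FINDINGS = [
    Exposure("www.example.com:443", "verbose server banner", 5.3, 0.02),
    Exposure("vpn.example.com:443", "outdated remote access appliance", 9.8, 0.90),
    Exposure("mail.example.com:25", "legacy TLS configuration", 7.5, 0.01),
    Exposure("staging.example.com:3389", "RDP reachable from the Internet", 8.1, 0.40),
    Exposure("ci.example.com:8080", "unauthenticated build dashboard", 6.5, 0.05),
]

if __name__ == "__main__":
    new, gone, rate = churn(PREV, CURR)
    print(f"new={sorted(new)} removed={sorted(gone)} changed={rate:.0%}")
    for e in prioritize(FINDINGS, new):
        tag = "NEW" if e.service in new else "   "
        print(f"{tag} cvss={e.cvss:<4} epss={e.epss:<4} {e.service}  {e.finding}")
```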