Tenable, the exposure management company, has launched its 2024 Tenable Cloud Risk Report, which examines the critical risks at play in modern cloud environments. Most alarmingly, nearly 4 in 10 organisations globally are leaving themselves exposed at the highest levels due to the “toxic cloud trilogy” of publicly exposed, critically vulnerable and highly privileged cloud workloads. Each of these misalignments alone introduces risk to cloud data, but the combination of all three drastically elevates the likelihood of exposure access by cyberattackers.
Security gaps caused by misconfigurations, risky entitlements and vulnerabilities combine to dramatically increase cloud risk. The Tenable Cloud Risk Report provides a deep dive into the most pressing cloud security issues observed in the first half of 2024, highlighting areas such as identities and permissions, workloads, storage resources, vulnerabilities, containers, and Kubernetes. It also offers mitigation guidance for organisations seeking ways to limit exposures in the cloud.
Publicly exposed and highly privileged cloud data leads to data leaks. Critical vulnerabilities exacerbate the likelihood of incidents. The report reveals that a staggering 38% of organisations have cloud workloads that meet all three of these toxic cloud trilogy criteria, representing a perfect storm of exposure for cyberattackers to target.
When bad actors exploit these exposures, incidents commonly include application disruptions, full system takeovers and DDoS attacks that are often associated with ransomware. Scenarios like these could devastate an organisation, with the 2024 average cost of a single data breach approaching US$5-million (source: IBM Security Cost of a Data Breach Report 2024).
Additional key findings from the report include:
- Eighty-four percent of organisations have risky access keys to cloud resources: The majority of organisations (84.2%) possess unused or longstanding access keys with critical or high severity excessive permissions, a significant security gap that poses substantial risk.
- Twenty-three percent of cloud identities have critical or high severity excessive permissions: Analysis of Amazon Web Services, Google Cloud Platform and Microsoft Azure reveals that 23% of cloud identities, both human and non-human, have critical or high severity excessive permissions.
- Critical vulnerabilities persist: Notably, CVE-2024-21626, a severe container escape vulnerability that could lead to the server host compromise, remained unremediated in over 80% of workloads even 40 days after its publishing.
- Seventy-four percent of organisations have publicly exposed storage: Some 74% of organisations have publicly exposed storage assets, including those in which sensitive data resides. This exposure, often due to unnecessary or excessive permissions, has been linked to increased ransomware attacks.
- Seventy-eight percent of organisations have publicly accessible Kubernetes API servers: Of these, 41% also allow inbound internet access. Additionally, 58% of organisations have cluster-admin role bindings, which means that certain users have unrestricted control over all the Kubernetes environments.
“Our report reveals that an overwhelming number of organisations have access exposures in their cloud workloads of which they may not even be aware,” said Shai Morag, chief product officer at Tenable. “It’s not always about bad actors launching novel attacks. In many instances, misconfigurations and over-privileged access represent the greatest risk for cloud data exposures. The good news is, many of these security gaps can be closed easily once they’re known and exposed.”
The report reflects findings by the Tenable Cloud Research team based on telemetry from billions of cloud resources across multiple public cloud repositories, analysed from 1 January to 30 June 2024.
To download the report today, visit www.tenable.com/cyber-exposure/tenable-cloud-risk-report-2024.
About Tenable
Tenable is the exposure management company, exposing and closing the cybersecurity gaps that erode business value, reputation and trust. The company’s AI-powered exposure management platform radically unifies security visibility, insight and action across the attack surface, equipping modern organisations to protect against attacks from IT infrastructure to cloud environments to critical infrastructure and everywhere in between. By protecting enterprises from security exposure, Tenable reduces business risk for more than 44 000 customers around the globe. Learn more at tenable.com.