More than half of organizations using cloud services like Amazon Simple Storage Service (S3) have inadvertently exposed at least one of these services to the public, up from 40% earlier this year.
The data comes from cloud security firm RedLock, which has released its latest "Cloud Security Trends" report examining major threats and vulnerabilities in the public cloud from June through September 2017. Their findings indicate more businesses are exposing data, neglecting vulnerabilities in the cloud, and not paying attention to how compromised users are putting them at risk.
Researchers determined 38% of organizations have experienced the potential compromise of an administrative user account in their public cloud computing environment. More than 80% of businesses are not managing host vulnerabilities in the cloud, and 37% of databases accept inbound connection requests from the Internet. Seven percent of those receive requests from suspicious IP addresses, a sign they have been compromised.
They also discovered cybercriminals are using the computing power of British insurance company Aviva to mine bitcoin. They did this by taking over the organization's Kubernetes administration consoles, which lacked password protection, in the public cloud.
Read more details here.
Join Dark Reading LIVE for two days of practical cyber defense discussions. Learn from the industry’s most knowledgeable IT security experts. Check out the INsecurity agenda here.