Misconfigured servers contributed to more than 200 cloud breaches
Misconfigured storage services in 93 percent of cloud deployments have contributed to more than 200 breaches over the past two years, exposing more than 30 billion records, according to a report from Accurics, which predicted that cloud breaches are likely to increase in both velocity and scale.
The researchers found that 91 percent of the cloud deployments analyzed had at least one major exposure that left a security group wide open while in 50 percent unprotected credentials were stored in container configuration files, significant because 84 percent of organizations use containers.
“While the adoption of cloud native infrastructure such as containers, serverless, and servicemesh is fueling innovation, misconfigurations are becoming commonplace and creating serious risk exposure for organizations,” said Accurics Co-founder and CTO Om Moolchandani.
Private credentials with high privileges were embedded in the code in deployments at 41 percent of the organizations that responded to researchers. In 100 percent of deployments, an altered routing rule exposed a private subnet containing sensitive resources such as databases to the internet.
Click here to read more.
Source: SCMagazine
