Wednesday, May 22, 2024

Over 80 percent of organizations have open ports on public-facing cloud assets
A new report reveals that 81 percent of organizations have public-facing neglected cloud assets with open ports, making them prime targets for attackers who routinely perform reconnaissance to detect exposed ports and known vulnerabilities.

The report from Orca Security is based on analysis of data from billions of cloud assets on AWS, Azure, Google Cloud, Oracle Cloud, and Alibaba Cloud scanned by the Orca Cloud Security Platform in 2023.

“The past year has seen shrinking budgets and an unprecedented economic climate that’s put cybersecurity defenders at a disadvantage,” says Gil Geron, CEO and co-founder of Orca Security. “As attackers become increasingly sophisticated by leveraging AI and new attack vectors, and with most organizations utilizing three or more cloud service providers, cloud environments have become more complex than ever before. Despite these challenges, security teams can stay one step ahead of their attackers, not by trying to address all risks, but by prioritizing and efficiently remediating the most critical risks that put their business critical assets at risk.”

Among other findings, 21 percent of organizations have at least one public-facing storage bucket containing sensitive data that should not be publicly accessible, increasing the risk of data theft and extortion, ransomware, reputational damage and regulatory penalties.

Also, 82 percent of organizations have a Kubernetes API server that is publicly accessible, a 12 percent increase from last year’s report. Machine learning models built on cloud-based AI platforms like Amazon SageMaker are at risk too: 82 percent of SageMaker users have at least one notebook exposed to the internet, where malicious actors could gain unauthorized access to proprietary code, which could even lead to remote code execution.

There’s a worrying lack of basic security hygiene as well: for example, 61 percent of organizations have a root user or account owner without multi-factor authentication.

You can read more and get the full report on the Orca blog.

Image credit: Leowolfert/
