A new report from IBM X-Force looks at the biggest risks enterprises are facing and highlights how attackers know that credentials are the keys to cloud environments, making them highly sought-after on dark web marketplaces.
Attackers are using phishing, keylogging, watering hole and brute force attacks to harvest credentials. Also dark web research highlights the popularity of infostealers, used to steal cloud platform and service-specific credentials.
Over the past two years, phishing has accounted for 33 percent of cloud-related incidents, with attackers often using phishing to harvest credentials through adversary-in-the-middle (AITM) attacks.
Business Email Compromise (BEC), where attackers spoof email accounts posing as someone within the victim organization or another trusted organization, account for 39 percent of incidents over the past two years. Threat actors commonly employ harvested credentials from phishing attacks to take over email accounts and conduct further malicious activities.
The report also indicates continued demand for cloud credentials on the dark web, despite market saturation. Gaining access via compromised cloud credentials is the second most common initial access vector at 28 percent, despite overall mentions of SaaS platforms on dark web marketplaces, decreasing by 20 percent compared to 2023.
Austin Zeizel, strategic cyber threat analyst with IBM X-Force, writes on the company’s blog, “Cloud security is especially relevant in today’s business environment, with enterprises increasingly migrating their critical business data from on-prem solutions to cloud environments. Alongside this technology migration is an evolving cyber threat landscape, where threat actors are actively seeking to compromise organizations’ heavy reliance on cloud infrastructure, particularly those handling sensitive business data. This growing dependence on cloud infrastructure has only widened the attack surface for threat actors to exploit, and why securing the cloud is more crucial than ever.”
You can read more and get the full report on the X-Force blog.
Image credit: akeporphoto88/depositphotos.com