A report published this week by Sysdig predicts global cyberattacks will cost over $100 billion in 2025 based on the fact that the average cost of a public cloud breach alone has eclipsed $5 million, with the number of attacks having increased 154% year over year.
Crystal Morin, cybersecurity strategist for Sysdig, said those increased costs are being driven by both new and existing threats. For example, cybercriminals are already engaged in efforts to hijack large language models (LLMs) typically hosted in cloud computing environments. One incident already resulted in a $30,000 bill in just three hours.
At the same time, cryptojacking incidents continue to increase at a fast and furious rate. Sysdig has been able to identify more than 500 cryptomining instances where compromised accounts were used to access IT infrastructure every 20 seconds.
That core issue is that there are still far too many techniques that cybercriminals can employ to steal cloud credentials. For example, less than a month after the recent disclosure of another SSH protocol flaw, it was discovered a CRYSTALRAY syndicate was attempting to weaponize an open-source network mapping tool to harvest more than 1,500 account credentials.
In general, cybercriminals are also becoming more adept at evading legacy cybersecurity defenses, noted Morin. There are also more individuals than ever willing to participate in these attacks given the current state of the global economy, she added.
At the same time, workloads being deployed in the cloud are more mission-critical than ever in the age of AI, noted Morin. In effect, the cloud security stakes are rising, she said.
It may be challenging to accurately assess the total cost of a breach. However, many organizations are still not doing enough to safeguard credentials and limit the potential blast radius of a cybersecurity breach. At the same time, many cybercriminals are now using those stolen credentials to insert themselves into workflows for extended amounts of time as part of an effort to inflict maximum damage.
Although organizations have now been making use of cloud computing resources for years, there is still clearly work to be done. A decade after the first instances of cloud computing were made available many organizations still find navigating the shared cloud security responsibility model challenging. Far too many application developers provision cloud resources still assume the providers of these services are doing more than securing the underlying infrastructure, resulting in misconfigurations that create vulnerabilities, such as open ports through which cybercriminals can exfiltrate valuable data.
In most cases, a data breach can still be traced back to a fundamental mistake, rather than any extraordinary effort made on the part of cybercriminals who mostly don’t see the need to do anything more challenging than stealing a readily available credential.
Like it or not, securing cloud computing environments requires additional investments in tools, processes and platforms. The important thing to remember is that as the value of the assets being deployed in the cloud increases, so too does the potential cost of a breach that in most cases is going to far exceed the cost of investing in additional cloud security.
Recent Articles By Author