Credentials fuels cloud security intrusions

Share post:

Valid, compromised account credentials were the initial access vector for more than one in three cloud intrusions last year according to IBM Security X-Force, making it the most common point of entry across all cloud security incidents.

Credentials used as an initial access vector for cloud intrusions jumped from 9% in 2022 to 36% this year, IBM Security X-Force said in its cloud threat landscape report.

The report also found that over 35% of cloud security incidents occurred from attackers’ use of valid, compromised credentials. According to the report, credentials are the most popular asset for sale on dark web marketplaces, accounting for nearly 90% of listings.

The average price for stolen credentials is $10.68. Meanwhile, Microsoft Outlook Cloud credentials were the most popular access for sale on the dark web, representing more than 5 million mentions. Phishing attacks and the exploitation of public-facing applications tied for the second-most prevalent point of entry during the reporting period with each claiming about 14% of all cloud security incidents.

The report also highlights the growing risk of cloud-related vulnerabilities, with X-Force observing a nearly 200% increase in new cloud related CVEs from the prior year. Europe was the hardest-hit region in terms of cloud security incidents, with 64% of the incidents X-Force responded to involving European organizations.

The sources for this piece include an article in CIODIVE.

Featured Tech Jobs

SUBSCRIBE NOW

Related articles

Akamai technology uses edge computing to take on AWS, Azure and Google Cloud

Akamai Technologies is strategically expanding its cloud computing footprint through a focus on edge computing, aiming to challenge...

Broadcom’s VMWare changes make tech leaders look for possible escape route

Broadcom's significant overhaul of VMware is generating buzz within the tech industry, especially among Chief Information Officers (CIOs),...

Broadcom shakes up VMWare partner network

Broadcom's hefty $61 billion acquisition of VMware is turning the virtualization world upside down, especially for Cloud Services...

Dropbox AI offering sparks privacy concerns

Dropbox recently sparked concerns among its users with a new AI-powered search feature that shares data with OpenAI...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways