Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cloud Security

Attacks Targeting Cloud Hosting Providers Rise: Alert Logic

The cloud is proving to be less of an escape from the security problems facing enterprises in on-premise environments, according to a new report from Alert Logic.

The cloud is proving to be less of an escape from the security problems facing enterprises in on-premise environments, according to a new report from Alert Logic.

According to a report based on 232,364 verified security incidents between April and September of 2013, cloud hosting provider environments saw a significant increase in attacks, with brute force attacks jumping from 30 percent to 44 percent of Alert Logic’s customers and vulnerability scans increasing from 27 percent to 44 percent. Both these types of incidents have historically been far more likely to target on-premises environments. Now however, they are occurring at nearly equivalent rates both in the cloud and on-premise. Malware and botnet attacks are on the rise for cloud hosting providers as well, though their numbers remain relatively low.

Attacks Target Cloud Providers“Although, comparatively, on-premises environments are more frequent targets, this should not undermine the fact that attacks directed at CHPs (cloud hosting providers) have increased significantly and are expected to continue at a rate that matches the accelerated pace of cloud adoption and the continued migration of more valuable workloads to the cloud,” according to the report.

The report is based on the experiences of 2,212 organizations across multiple industries using Alert Logic’s intrusion detection system. CHP environments account for 80 percent of the organizations, while the remaining 20 percent represent on-premise data centers. 

“Our intelligence suggests that the increase in cloud attacks observed is correlated to the growth of cloud adoption in the enterprise,” said Stephen Coty, chief security evangelist at Alert Logic, in a statement. “As more enterprise workloads have moved into cloud and hosted infrastructures, some traditional on-premises threats have followed them.”

In order to uncover attack trends in the cloud, Alert Logic used honeypots in public cloud infrastructures around the world to observe different types of attacks as well as their frequency in various places. Overall, researchers found that the highest volume of attacks occurred in Europe, where honeypots had four times the number of attacks as the U.S. and twice as many as Asia. Alert Logic speculated that this was due to the presence of “highly-organized crime circuits” in Russia and Eastern Europe.

“Overall, the data presented in this edition of the Cloud Security Report indicates that the threats in the cloud are growing in two dimensions: the total number of attacks is increasing, and attacks that were historically directed at on-premises environments are now moving to the cloud,” the report states. “Although, comparatively, on-premises environments are more frequent targets, this should not undermine the fact that attacks directed at CHPs have increased significantly and are expected to continue at a rate that matches the accelerated pace of cloud adoption and the continued migration of more valuable workloads to the cloud.”

The research is available for download here.

Advertisement. Scroll to continue reading.
Written By

Marketing professional with a background in journalism and a focus on IT security.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

CISO Conversations

SecurityWeek talks to Billy Spears, CISO at Teradata (a multi-cloud analytics provider), and Lea Kissner, CISO at cloud security firm Lacework.

Cloud Security

Cloud security researcher warns that stolen Microsoft signing key was more powerful and not limited to Outlook.com and Exchange Online.

CISO Strategy

Okta is blaming the recent hack of its support system on an employee who logged into a personal Google account on a company-managed laptop.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.

Cloud Security

Microsoft and Proofpoint are warning organizations that use cloud services about a recent consent phishing attack that abused Microsoft’s ‘verified publisher’ status.