The cloud is proving to be less of an escape from the security problems facing enterprises in on-premise environments, according to a new report from Alert Logic.
According to a report based on 232,364 verified security incidents between April and September of 2013, cloud hosting provider environments saw a significant increase in attacks, with brute force attacks jumping from 30 percent to 44 percent of Alert Logic’s customers and vulnerability scans increasing from 27 percent to 44 percent. Both these types of incidents have historically been far more likely to target on-premises environments. Now however, they are occurring at nearly equivalent rates both in the cloud and on-premise. Malware and botnet attacks are on the rise for cloud hosting providers as well, though their numbers remain relatively low.
“Although, comparatively, on-premises environments are more frequent targets, this should not undermine the fact that attacks directed at CHPs (cloud hosting providers) have increased significantly and are expected to continue at a rate that matches the accelerated pace of cloud adoption and the continued migration of more valuable workloads to the cloud,” according to the report.
The report is based on the experiences of 2,212 organizations across multiple industries using Alert Logic’s intrusion detection system. CHP environments account for 80 percent of the organizations, while the remaining 20 percent represent on-premise data centers.
“Our intelligence suggests that the increase in cloud attacks observed is correlated to the growth of cloud adoption in the enterprise,” said Stephen Coty, chief security evangelist at Alert Logic, in a statement. “As more enterprise workloads have moved into cloud and hosted infrastructures, some traditional on-premises threats have followed them.”
In order to uncover attack trends in the cloud, Alert Logic used honeypots in public cloud infrastructures around the world to observe different types of attacks as well as their frequency in various places. Overall, researchers found that the highest volume of attacks occurred in Europe, where honeypots had four times the number of attacks as the U.S. and twice as many as Asia. Alert Logic speculated that this was due to the presence of “highly-organized crime circuits” in Russia and Eastern Europe.
“Overall, the data presented in this edition of the Cloud Security Report indicates that the threats in the cloud are growing in two dimensions: the total number of attacks is increasing, and attacks that were historically directed at on-premises environments are now moving to the cloud,” the report states. “Although, comparatively, on-premises environments are more frequent targets, this should not undermine the fact that attacks directed at CHPs have increased significantly and are expected to continue at a rate that matches the accelerated pace of cloud adoption and the continued migration of more valuable workloads to the cloud.”
The research is available for download here.
