Check Point Research (CPR) reports a 48% YoY increase in cloud-based cyberattacks for 2022, as organisations increasingly move operations to the cloud due to escalated digital transformations.
The largest increases were seen in Asia (+60%), followed by Europe (+50%) and North America (+28%).
CPR finds that hackers are leveraging newer CVEs from the past two years to attack via the cloud, when compared to on-premise attacks.
CPR warns organisations that cloud-based cyberattacks can lead to damaging data loss, malware and ransomware attacks and offers five cyber safety tips.
The compan reports significant increases in cyberattacks on cloud-based networks.
The numbers are:
* 48% increase in the number of cloud-based network cyberattacks in 2022, compared to 2021;
* 60% increase in Asia in the number of cloud-based network cyberattacks in 2022, compared to 2021;
* 50% increase in Europe in the number of cloud-based network cyberattacks in 2022, compared to 2021; and
* 28% Increase in North America in the number of cloud-based network cyberattacks in 2022, compared to 2021.
Emphasis on recent CVEs
In recent cloud-based cyberattacks, newer CVEs (disclosed 2020-2022) are being leveraged more compared to on-prem networks for attempted attacks on cloud-based networks. The difference between the two types of networks can be seen in the visual below.
Further analysis of specific high profile global vulnerabilities revealed that some major CVE’s have had a higher impact on cloud-based networks compared to on-prem. In essence, the overwhelming amount of data in the cloud leads to even more impactful attacks given its extent and content once breached. Networks tend to be easier to exploit in the absence of proper security which is sometimes deployed on other platforms on-prem.
Examples of prominent CVEs disclosed this year that have shown a similar trend include:
* VMware Workspace Remote Code Execution (CVE-2022-22954) – 31% higher impact on cloud-based networks.
* Text4shell Vulnerability (CVE-2022-42889) – 16% higher impact on cloud-based environments compared to its impact against on-prem networks.
* Microsoft Exchange Server Remote Code Execution (CVE-2022-41082) – 17% higher impact on cloud-based networks.
* F5 BIG IP (CVE-2022-1388) – 12% higher impact on cloud-based networks.
* Atlassian Confluence – Remote Code Execution (CVE-2022-26134) – 4% higher impact on cloud-based networks.
Omer Dembinsky, data group manager at Check Point Software, comments: “Enterprise attack surfaces have fast-expanded in a short amount of time. Digital transformations and remote work due to the Covid pandemic have accelerated the move to the cloud. Hackers are quickly following. These organisations have been challenged to secure distributed workforce, while at the same time, are dealing with a shortage of skilled security staff.
“Data loss, malware and ransomware attacks are among the top threats that organisations face in the cloud. Cloud applications and services are a prime target for hackers because misconfigured services and recent CVEs are leaving them exposed to the internet and vulnerable to simple cyberattacks.”