Mumbai: Check Point Research (CPR) reports a 48% YoY increase in cloud-based cyberattacks for 2022, as organisations increasingly move operations to the cloud due to escalated digital transformation.
Asia (+60%) saw the highest increase, followed by Europe (+50%) and North America (+28%). CPR finds that hackers are leveraging newer CVEs from the past two years to attack via the cloud when compared to on-premises attacks.
CPR warns organisations that cloud-based cyberattacks can lead to damaging data loss, malware and ransomware attacks. Check Point Research (CPR) reports significant increases in cyberattacks on cloud-based networks.
By the numbers:
- 48% increase in the number of cloud-based network cyberattacks in 2022, compared to 2021
- 60% increase in Asia in the number of cloud-based network cyberattacks in 2022, compared to 2021
- 50% increase in Europe in the number of cloud-based network cyberattacks in 2022, compared to 2021
- 28% Increase in North America in the number of cloud-based network cyberattacks in 2022, compared to 2021
Emphasis on recent CVEs
In recent cloud-based cyberattacks, newer CVE’s (disclosed 2020-2022) are being leveraged more compared to on-prem networks for attempted attacks on cloud-based networks.
Further analysis of specific high-profile global vulnerabilities revealed that some major CVE’s have had a higher impact on cloud-based networks compared to on-prem.
In essence, the overwhelming amount of data in the cloud leads to even more impactful attacks given its extent and content once breached. In the absence of proper security, networks tend to be easier to exploit, which sometimes gets deployed on other platforms on-prem.
Examples of prominent CVEs disclosed this year that have shown a similar trend:
- VMware Workspace Remote Code Execution (CVE-2022-22954) – 31% higher impact on cloud-based networks
- Text4shell Vulnerability (CVE-2022-42889) – 16% higher impact on cloud-based environments compared to its impact against on-prem networks
- Microsoft Exchange Server Remote Code Execution (CVE-2022-41082) – 17% higher impact on cloud-based networks
- F5 BIG IP (CVE-2022-1388) – 12% higher impact on cloud-based networks
- Atlassian Confluence—Remote Code Execution (CVE-2022-26134) – 4% higher impact on cloud-based networks
“Enterprise attack surfaces have fast-expanded in a short amount of time. Digital transformations and remote work due to the COVID pandemic have accelerated the move to the cloud. Hackers are quickly following,” says Omer Dembinsky, Data Group Manager – Check Point Software.
“These organisations have been challenged to secure distributed workforce, while at the same time, are dealing with a shortage of skilled security staff,” adds Dembinsky.
Data loss, malware and ransomware attacks are among the top threats that organisations face in the cloud, according to Dembinsky.
“Cloud applications and services are a prime target for hackers because misconfigured services and recent CVEs are leaving them exposed to the internet and vulnerable to simple cyberattacks,” concludes Dembinsky.