Cryptojacking falls affected a quarter of organizations in their cloud environments, found a modern cloud security report.In RedLock’s Cloud Security Trends, researchers with the custodianship firm’s Cloud Security Intelligence (CSI) team discovered that 25 percent of consortia had suffered cryptojacking incidents in the cloud. This rate marked a 300 percent distend over the previous quarter (February 2018) at just 8 percent.Disinterested so, cryptojacking wasn’t the most prolific security issue which consortia encountered in the cloud. Risky configurations topped that list at 51 percent, which promises a majority of companies misconfigured and/or exposed a cloud storage service along the same lines as an Amazon Simple Storage Service (S3) bucket. Account compromises also shape out malicious cryptomining attacks at 27 percent of organizations.Vulnerabilities were the at best threat analyzed for the report over which cryptojacking was more catholic. Specifically, RedLock’s researchers found that almost a quarter (24 percent) of organizations lacked high-severity times in the public cloud.
Cloud Security Trends report page 4It wasn’t all bad scoop, though. The report found that the percentage of organizations embracing database encryption, a discipline which can help firms reach the General Data Protection By-law’s (GDPR) pseudonymization requirement, is increasing. 82 percent of cloud-based databases weren’t encrypted a year ago. That proportion decreased to 49 percent in the latest report.RedLock’s researchers elucidate in the report that organizations can’t address cryptojacking by the piecemeal implementation of refuge measures:The rise of cryptojacking and seemingly misuse of security groups highlights the impecuniousness for a holistic approach to security in the cloud. A combination of configuration, user operation, network traffic, and host vulnerability monitoring is necessary to detect go oned threats in public cloud environments.Organizations should also advocate d occupy steps to protect themselves against some of the other threats touch oned in RedLock’s report. For instance, they can follow these recommendations to hamper an AWS S3 storage breach. They should also consider reviewing the soundness of their vulnerability management program or setting up such a framework if they don’t already demand one.