Machine identity attacks grow more than 400 percent

The number of reported machine identity-related cyberattacks grew by 433 percent between 2018 and 2019, according to a new report from Venafi.

Between 2015 and 2019, the number of reported cyberattacks that used machine identities grew by more than 700 percent. Over the same period the number of vulnerabilities involving machine identities grew by 260 percent, increasing by 125 percent between 2018 and 2019.

"We have seen machine use skyrocket in organizations over the last five years, but many businesses still focus their security controls primarily on human identity management," says Kevin Bocek, vice president of security strategy and threat intelligence at Venafi. "Digital transformation initiatives are in jeopardy because attackers are able to exploit wide gaps in machine identity management strategies. The COVID-19 pandemic is driving faster adoption of cloud, hybrid and microservices architectures, but protecting machine identities for these projects are often an afterthought. The only way to mitigate these risks is to build comprehensive machine identity management programs that are as comprehensive as customer, partner and employee identity and access management strategies."

The report shows the use of commodity malware that abuses machine identities doubled between the years 2018 and 2019 and grew 300 percent over the five years leading up to 2019. Also between 2015 and 2019, the number of reported advanced persistent threats (APTs) that used machine identities grew by 400 percent, increasing by 150 percent between 2018 and 2019.

Yana Blachman, threat intelligence researcher at Venafi says:

As our use of cloud, hybrid, open source and microservices use increases, there are many more machine identities on enterprise networks -- and this rising number correlates with the accelerated number of threats. As a result, every organization’s machine identity attack surface is getting much bigger.

Although many threats or security incidents frequently involve a machine identity component, too often these details do not receive enough attention and aren't highlighted in public reports. This lack of focus on machine identities in cyber security reporting has led to a lack of data and focus on this crucial area of security. As a result, the trends we are seeing in this report are likely just the tip of the iceberg.

The full report is available from the Venafi site.

Photo Credit: Jirsak/Shutterstock