'Toxic cloud triad' puts four in 10 organizations at risk
It might sound like a Chinese secret society, but a new report warns that a 'toxic cloud triad' of publicly exposed, critically vulnerable and highly privileged cloud workloads is putting almost four in 10 organizations at risk.
Security gaps caused by misconfigurations, risky entitlements and vulnerabilities combine to dramatically increase cloud risk according to the Tenable Cloud Risk Report.
The report reveals that 38 percent of organizations have cloud workloads that meet all three of these toxic cloud criteria, representing a perfect storm of exposure for cyber attackers to target. When bad actors exploit these exposures, incidents commonly include application disruptions, full system takeovers, and DDoS attacks that are often associated with ransomware.
Among the findings are that 84.2 percent possess unused or longstanding access keys with critical or high severity excessive permissions, a significant security gap that poses substantial risk. In addition analysis of Amazon Web Services (AWS), Google Cloud Platform (GCP) and Microsoft Azure reveals that 23 percent of cloud identities, both human and non-human, have critical or high severity excessive permissions.
Critical vulnerabilities, notably, CVE-2024-21626, a severe container escape vulnerability that could lead to the server host compromise, remained unremediated in over 80 percent of workloads even 40 days after its publication.
The report also finds 74 percent of organizations have publicly exposed storage assets, including those in which sensitive data resides, and 78 percent of organizations have publicly accessible Kubernetes API servers.
"Our report reveals that an overwhelming number of organizations have access exposures in their cloud workloads of which they may not even be aware," says Shai Morag, chief product officer, Tenable. "It's not always about bad actors launching novel attacks. In many instances, misconfigurations and over-privileged access represent the highest risk for cloud data exposures. The good news is, many of these security gaps can be closed easily once they are known and exposed."
You can get the full report from the Tenable site.
Image credit: realinemedia/depositphotos.com