Cloud attacks grow in cost and scale
A new report from Sysdig highlights the growing cost and scale of cloud attacks and the evolution of tactics being used by attackers.
Among the findings are that over $100,000 is lost per day to AI resource jacking. It hasn't taken long for threat actors to leverage stolen cloud access to exploit large language models (LLMs), as illustrated by an LLMjacking attack that left one victim on the hook for $30,000 in just three hours. Left unchecked, an LLMjacking operation can cost more than $100,000 per day.
While some cloud attacks deliver swift, high-impact financial blows, others are conducted more subtly. For example, while Meson Network (MSN) attackers were able to automate 500+ new cryptomining instances every 20 seconds using a compromised cloud account, other groups like RUBYCARP have been able to siphon victim resources for a decade.
As the cloud evolves, so do attackers. For instance, less than one month after the release of the SSH-Snake research, CRYSTALRAY threat actors were discovered weaponizing the open source network mapping tool to harvest over 1,500 account credentials.
"Proactive security programs should always assume compromise," says Michael Clark, head of Sysdig Threat Research. "Cyberattacks will continue, likely at a greater frequency, and prevention alone is simply insufficient as attackers' means of defense evasion continue to mature. Resilience following a cyberattack will keep business moving as cloud attacks will continue to become faster, more sophisticated, and more expensive year over year."
As we head towards 2025 the researchers expect attackers will continue to use automation to expedite their kill chain for faster, large‐scale data exfiltration, intelligence collection, and financial gain. They also anticipate attackers both targeting and using new, innovative technologies and tools for these same reasons. We have already witnessed the early stages of the AI‐cybersecurity struggle in 2024 and the report suggests there will be a lot more to come in 2025.
You can find out more and get the 2024 Global Threat Year-in-Review report on the Sysdig blog.
Image credit: achirathep/depositphotos.com