Access tokens and service accounts next target for cyberattacks
New research shows 88 percent of security leaders believe machine identities, specifically access tokens and their connected service accounts, are the next big target for attackers.
The survey from Venafi of 800 security and IT decision-makers from large organizations across the US, UK, France and Germany, finds 56 percent have experienced a security incident related to machine identities using service accounts in the last year.
In addition 77 percent of security leaders think AI poisoning will be the new software supply chain attack. A further 84 percent believe supply chain attacks remain a clear and present danger. However, a worrying 61 percent say senior management has taken its focus off supply chain security in the last year.
Security and developer teams continue to clash too, 68 percent of security leaders believe security professionals and developers will always be at odds, with 54 percent feeling they are fighting a losing battle trying to get developers to have a security-first mindset.
"The sleeping dragon is now awake: attackers are now actively exploring cloud native infrastructure," says Kevin Bocek, chief innovation officer at Venafi. "A massive wave of cyberattacks has now hit cloud native infrastructure, impacting most modern application environments. To make matters worse, cybercriminals are deploying AI in various ways to gain unauthorized access and exploiting machine identities using service accounts on a growing scale. The volume, variety and velocity of machine identities are becoming an attacker’s dream."
The study shows 77 percent are concerned about AI poisoning, whereby AI data inputs/outputs are manipulated for malicious purposes. 75 percent are worried about model theft, 73 percent are concerned about the use of AI-led social engineering and a further 72 percent are worried about provenance in the AI supply chain.
While machine identities like access tokens used with service accounts top the list of security incidents with 56 percent, almost as many (53 percent) have experienced incidents related to other machine identities, such as certificates.
Bocek adds, "Attackers are increasingly zoning in on machine identities in cloud native technologies. Security teams must prioritize machine identity security to the same degree as human identities. The great news is that secrets management, certificate lifecycle management (CLM) and cloud native security are available today. An automated, end-to-end machine identity security program means businesses can enhance their cloud native security, ensuring operational stability and business growth."
The full report is available on the Venafi site.
Image credit: denisismagilov/depositphotos.com