Security News > 2021 > September > Enterprising criminals are selling direct access to cloud accounts

Enterprising criminals are selling direct access to cloud accounts
2021-09-06 04:30

Lacework released its cloud threat report, unveiling the new techniques and avenues cybercriminals are infiltrating to profit from businesses.

The rapid shift of applications and infrastructure to the cloud creates gaps in the security posture of organizations everywhere.

"Last year alone, cybercrime and ransomware attacks cost companies $4 billion in damages. As more companies shift to cloud environments, we're seeing an increase in demand for stolen access to cloud accounts and evolving techniques from cybercriminals, making enterprises even more vulnerable to cloud threats."

Illicit access into cloud infrastructure of companies with valuable data/resources or wide-reaching access into other organizations offers attackers an incredible return on investment.

In particular, Amazon AWS, Google Cloud, and Azure administrative accounts are gaining popularity in underground marketplaces.

Monero and XMRig are the most common accounts for cryptomining against cloud resources, hence activity involving lesser-seen coins and tools may be more likely to go undetected.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/BhTa-5Z9j1s/