Security News > 2021 > November > Cloud Security: Don’t wait until your next bill to find out about an attack!
Firstly, crooks show up fast: occasionally, it takes them days to find newly-started, insecure cloud instances and break in, but Google wrote that discover-break-and-enter times were "As little as 30 minutes."
Importantly, in our research, the cloud instances we used weren't the sort of cloud server that a typical company would set up, given that they were never actually named via DNS, advertised, linked to, or used for any real-world purpose.
We've seen crooks printing out ransom notes on every printer in the company, and threatening employees individually using highly personal stolen data such as social security numbers.
Patches for security holes are routinely reverse-engineered to work out how to exploit them, often by security researchers who then make them public, supposedly to educate everyone about the risks.
Don't wait until your next cloud bill arrives before finding out that there are criminals racking up fees and kicking off attacks on your dime.
Think of it like this: sorting out your cloud security is the best sort of altruism.
News URL
Related news
- Whitepaper: Reach higher in your career with cloud security (source)
- Transforming cloud security with real-time visibility (source)
- Top 5 Cloud Security Automations for SecOps Teams (source)
- Microsoft lost some customers’ cloud security logs (source)
- How AI Is Changing the Cloud Security and Risk Equation (source)
- Strategies for CISOs navigating hybrid and multi-cloud security (source)
- Google Adds New Pixel Security Features to Block 2G Exploits and Baseband Attacks (source)
- WordPress LiteSpeed Cache Plugin Security Flaw Exposes Sites to XSS Attacks (source)
- EDRSilencer red team tool used in attacks to bypass security (source)
- Researchers Discover Severe Security Flaws in Major E2EE Cloud Storage Providers (source)