Security News > 2022 > November > 33% of attacks in the cloud leverage credential access
Elastic released the 2022 Elastic Global Threat Report, detailing the evolving nature of cybersecurity threats, as well as the increased sophistication of cloud and endpoint-related attacks.
33% of attacks in the cloud leverage credential access, indicating that users often overestimate the security of their cloud environments and consequently fail to configure and protect them adequately.
Nearly 57% of cloud security telemetry came from AWS, followed by 22% for Google Cloud and 21% for Azure.
AWS: More than 74% of alerts related to credential access, initial access, and persistence tactics, with nearly 57% of techniques related to attempted application access token theft-one of the most common forms of credential theft in the cloud.
Nearly 77% of all credential access techniques are attributed to OS credential dumping with commonly known utilities.
While credential access techniques have long been a priority for attackers, adversary investment in defense evasion techniques indicates a reaction to improvements in security technologies that have been impacting their success.