Security News > 2023 > June > Uncovering attacker tactics through cloud honeypots

Uncovering attacker tactics through cloud honeypots
2023-06-26 03:00

Attackers typically find exposed "Secrets" - pieces of sensitive information that allow access to an enterprise cloud environment - in as little as two minutes and, in many cases, begin exploiting them almost instantly, highlighting the urgent need for comprehensive cloud security, according to Orca Security.

Orca's research was conducted between January and May 2023, beginning with the creation of "Honeypots" on nine different cloud environments that simulated misconfigured resources in the cloud to entice attackers.

Next, Orca monitored each honeypot to see if and when attackers would take the bait in order to learn what cloud services are targeted most frequently, how long it takes for attackers to access public or easily accessible resources, and how long it takes for attackers to find and use leaked secrets.

"While tactics vary per resource, our research makes one thing clear - if a secret is exposed it will be exploited," said Bar Kaduri, Cloud Threat Research Team Lead at Orca Security.

While Orca expected attackers to find the honeypots quickly, the research team was still surprised just how quickly some were found and exploited.

"The differences in attacker tactics depending on resource illustrates the need for defenders to employ tailored defenses for each instance," said Tohar Braun, Research Technical Lead at Orca Security.


News URL

https://www.helpnetsecurity.com/2023/06/26/cloud-environments-honeypots/