itb-au logo
Story image

Rise in cyberattacks targeting the cloud as use of collaboration tools increase

There is a rise in cyberattacks targeting the cloud as the use of cloud services and collaboration tools increases, according to new research from McAfee. 

The cybersecurity firm this week released its Cloud Adoption & Risk Report – Work-from-Home Edition, which has uncovered a correlation between the increased use of cloud services and collaboration tools, such as Cisco WebEx, Zoom, Microsoft Teams and Slack during the COVID-19 pandemic, along with an increase in cyber-attacks targeting the cloud. 

Based on anonymised and aggregated data from more than 30 million McAfee MVISION Cloud users worldwide between January and April, the report reveals significant and potentially long-lasting trends that include an increase in the use of cloud services, access from unmanaged devices and the rise of cloud-native threats. These trends emphasise the need for new security delivery models in the distributed work-from-home environment of today–and likely the future.  

 In the time surveyed, overall enterprise adoption of cloud services spiked by 50%, including industries such as manufacturing and financial services that typically rely on legacy on-premises applications, networking and security more than others. Use of cloud collaboration tools increased by up to 600 percent, with the education sector seeing the most growth as more students are required to adopt distance learning practices.  

Threat events from external actors increased by 630% over the same period. Most of these external attacks targeted collaboration services like Microsoft 365, and were large-scale attempts to access cloud accounts with stolen credentials. Insider threats remained the same, indicating that working from home has not negatively influenced employee loyalty. Access to the cloud by unmanaged, personal devices doubled, adding another layer of risk for security professionals working to keep their data secure in the cloud.  

“While we are seeing a tremendous amount of courage and global goodwill to overcome the COVID-19 pandemic, we also are unfortunately seeing an increase in bad actors looking to exploit the sudden uptick in cloud adoption created by an increase in working from home,” says Rajiv Gupta, senior vice president, Cloud Security, McAfee. 

“The risk of threat actors targeting the cloud far outweighs the risk brought on by changes in employee behaviour. Mitigating this risk requires cloud-native security solutions that can detect and prevent external attacks and data loss from the cloud and from the use of unmanaged devices," he says. 

"Cloud-native security has to be deployed and managed remotely and can’t add any friction to employees whose work from home is essential to the health of their organisation.”  

 With cloud-native threats increasing in step with cloud adoption, all industries need to evaluate their security posture to protect against account takeover and data exfiltration. 

"Companies need to safeguard against threat actors attempting to exploit weaknesses in their cloud deployments," says Gupta. 

Tips to maintain strong security posture include:  

·        Think cloud-first: A cloud-centric security mindset can support the increase in cloud use and combat cloud-native threats. Enterprises need to shift their focus to data in the cloud and to cloud-native security services so they can maintain full visibility and control with a remote, distributed workforce.  

·        Consider your network: Remote work reduces the ability for hub and spoke networking to work effectively with scale. Network controls should be cloud-delivered and should connect remote users directly to the cloud services they need.  

·        Consolidate and reduce complexity: Cloud-delivered network security and cloud-native data security should smoothly interoperate, ideally be consolidated to reduce complexity and total cost of ownership and increase security effectiveness and responsiveness.  

Story image
Aussie agritech company turns to equity crowdfunding to aid expansion
DIT Technologies has teamed up with Birchal to launch the equity crowdfunding initiative, with the long term view of expanding market reach, bringing more employees on board and improving the solution for farmers. More
Story image
Ericsson bolsters 5G portfolio with $1.1b Cradlepoint buyout
Ericsson will acquire Cradlepoint to create greater market share in the enterprise 5G space, boosting Ericsson’s existing 5G portfolio that includes IoT and enterprise network solutions.More
Link image
How to prove to your C-Suite that CX is worth the investment
Regardless of the benefits of customer experience (CX), the C-Suite wants to know how to validate an experience management program. Local CFOs voice their concerns about ROI, tangible value, and financial benefits – how will you make your case?More
Story image
Lenovo DCG releases agility-focused HCI and cloud solutions
Lenovo is addressing the rise of remote work by delivering an open platform of HCI solutions in partnership with Nutanix, Microsoft and VMWare.More
Link image
Webinar: Best practices for keeping your video chats secure
Video collaboration providers nowadays operate exclusively on a multi-tenant, public cloud - and security and privacy concerns have come into the spotlight. Here's how to secure your communications.More
Link image
How to effectively accelerate 5G device workflow
Achieving a first-to-market advantage in 5G requires innovative network emulation solutions that accelerate the device workflow. Find the 5G network emulation software that's right for you.More