Misconfigurations are the primary cause of cyber security issues in the Cloud, according to a new report. Misconfiguration means that the public cloud server instances, such as storage and compute, are configured in such a way that they are vulnerable to breaches.
According to Cloud security firm Trend Micro, 230 million misconfigurations are happening in Cloud on average each day, proving this risk is prevalent and widespread.
“Cloud-based operations have become the rule rather than the exception, and cybercriminals have adapted to capitalize on misconfigured or mismanaged cloud environments,” said Greg Young, vice president of cybersecurity for Trend Micro.
“We believe migrating to the cloud can be the best way to fix security problems by redefining the corporate IT perimeter and endpoints,” Young said in a statement on Wednesday.
Gartner predicts that by 2021, over 75 per cent of midsize and large organizations will have adopted multi-cloud or hybrid IT strategy.
As cloud platforms become more prevalent, IT and DevOps teams face additional concerns and uncertainties related to securing their cloud instances.
The research found threats and security weaknesses in several key areas of cloud-based computing, which can put credentials and company secrets at risk.
Criminals capitalizing on misconfigurations have targeted companies with ransomware, cryptomining, e-skimming and data exfiltration.
“Misleading online tutorials compounded the risk for some businesses leading to mismanaged cloud credentials and certificates,” said the report.
“Taking ownership of cloud data is paramount to its protection,” said Young.