Over 90% of Cybersecurity Leaders Worldwide Encountered Cyberattacks Targeting Cloud Environments
\n \t
\n
<\/BR>
\n
\n \t
\n
<\/BR><\/p>\n
In what security experts are describing as a \u201cdistributed crisis,\u201d a staggering 90% of cybersecurity and IT leaders worldwide reported experiencing cyberattacks targeting their cloud environments within the past year.<\/p>\n
This alarming statistic emerges from comprehensive research conducted across ten countries, highlighting the increasing vulnerability of organizations as they transition from on-premises systems to hybrid cloud infrastructures.<\/p>\n
The study, which surveyed more than 1,600 IT and security leaders, reveals that despite increased investment in cloud security, threat actors continue to find success in breaching these environments.<\/p>\n
The nature of cloud-targeted attacks has evolved dramatically, with adversaries shifting away from traditional malware-based approaches toward more sophisticated identity-based intrusion methods.<\/p>\n
According to the research, malware-free activity now accounts for 79% of all detected intrusions, a significant increase from just 40% in 2019.<\/p>\n
This paradigm shift reflects attackers\u2019 adaptation to modern enterprise environments, where they increasingly exploit valid credentials, engage in hands-on-keyboard intrusions, and deploy social engineering tactics to bypass conventional security measures.<\/p>\n
The impact of these breaches has been severe, with 86% of organizations that experienced ransomware attacks ultimately paying the demanded ransom to recover their data or halt the attack.<\/p>\n
Even more concerning, 74% of victims reported that attackers were able to harm backup and recovery options, effectively eliminating safety nets designed to mitigate such incidents.<\/p>\n
Rubrik Zero Labs researchers identified<\/a> a particularly troubling trend in their analysis: the dramatic reduction in \u201cbreakout time\u201d \u2013 the period between initial compromise and lateral movement across systems.<\/p>\n \u201cIn 2024, the average breakout time for interactive eCrime intrusions fell to 48 minutes, down from 62 minutes in 2023,\u201d noted security analysts.<\/p>\n \u201cAlarmingly, the fastest breakout was recorded at just 51 seconds, meaning defenders may have less than a minute to detect and respond before attackers establish deeper control\u201d.<\/p>\n The report provides detailed insight into how identity-based attacks have become the preferred method for cloud environment infiltration.<\/p>\n Rather than breaking in through security vulnerabilities<\/a>, attackers are simply logging in using compromised credentials.<\/p>\n This approach proves particularly effective in cloud and SaaS environments where traditional perimeter defenses offer limited protection.<\/p>\n Valid account abuse was responsible for 35% of cloud-related incidents, reflecting attackers\u2019 growing focus on identity compromise as a gateway to broader enterprise environments.<\/p>\n Microsoft\u2019s security telemetry supports this finding, revealing that they block over 600 million identity-based attacks daily.<\/p>\n These attacks typically begin with credential harvesting through phishing campaigns or purchase of stolen credentials<\/a> from access brokers, whose activity surged by nearly 50% compared to the previous year.<\/p>\n The attack sequence typically progresses as follows:-<\/p>\n To counter this growing threat, the report recommends organizations adopt a comprehensive strategy that includes improved visibility into cloud environments, identity protection measures, and robust backup capabilities that mirror the rigor traditionally applied to on-premises systems.<\/p>\n Without this unified approach to data protection<\/a>, organizations remain vulnerable to increasingly sophisticated cloud-targeted attacks that move at unprecedented speed.<\/p>\n The post Over 90% of Cybersecurity Leaders Worldwide Encountered Cyberattacks Targeting Cloud Environments<\/a> appeared first on Cyber Security News<\/a>.<\/p>\n<\/div>\nThe Rise of Identity-Based Attack Vectors<\/strong><\/h2>\n
Initial Access (compromised credentials) \u2192 \n Cloud Environment Access \u2192 \n Lateral Movement (using management tools) \u2192 \n Privilege Escalation \u2192 \n Data Discovery & Exfiltration<\/code><\/pre>\nMalware Trends Report Based on 15000 SOC Teams Incidents, Q1 2025 out!->\u00a0Get Your Free Copy<\/a><\/code><\/strong><\/p>\n