author photo
By SecureWorld News Team
Tue | Aug 22, 2017 | 8:04 AM PDT

The enterprise is moving to the cloud and now we have proof that attackers are, too.

Microsoft just released its latest Global Security Intelligence Report (GSIR) and the cloud threat intelligence is significant. Attacks on the cloud are up 300% in Q1 2017 vs. Q1 2016.

microsoft-cloud-attack-report

As you can see in the chart on cloud attacks in 2017 (yellow bars) the shift to cloud-based user account attacks increased right out of the gate and this trend appears to have staying power.

Most likely, this is because of the seismic shift to the cloud that continues in the marketplace.

"The cloud has become the central data hub for any organization, which means it is also a growing target for attackers," says the report.

Top 3 Ways to Secure the Cloud

Microsoft's Identity Security and Protection Team also did analysis on how attackers are successful at compromising cloud-based accounts. 

Here are the top 3 ways to secure the cloud based on how attackers are successful:

  1. Require strong and unique passwords. The GSIR report found a large majority of cloud compromises occurred because of weak, guessable passwords and poor password management. Multi-factor authentication is mentioned as showing signs of success in this area.

  2. Stay on top of your organization's human factor/awareness efforts. Targeted phishing attacks to steal user credentials are the second most significant way hackers are attacking the cloud, according to Microsoft.

  3. Third-party security needs to be a priority. The report finds that the breach of third-party services is the third way that attackers are most likely to gain access to what you have stored in the cloud.

Lastly, when it comes to cloud attacks in 2017, Microsoft says the idea that employees should never re-use passwords across sites remains critical: "As an increasing number of accounts are breached and passwords phished, attackers attempt to use the credentials on multiple services." 

The shift to the cloud continues and now we have proof that attacks on the cloud are increasing, too.

Which is exactly why cloud security is on the agenda at this year's SecureWorld conferences around North America. 

 

 

 

 

Comments