Tenable Cloud Risk Report warns of harmful cloud exposures that pose a hazard to Indian companies

The exposure management company Tenable published the Tenable Cloud Risk Report 2024, which emphasizes that businesses worldwide, including those in India, are unaware they are vulnerable to the “toxic cloud triad,” a trio of cloud security threats that can result in serious data breaches and monetary losses.

The research is based on a thorough examination of data collected from billions of cloud assets in numerous public cloud environments. The first half of 2024 (Jan–Jun) saw the collection of a large amount of data, including configuration and workload details from actual cloud assets that are currently in active production.

The Three Toxic Clouds

In light of APAC’s growing adoption of cloud computing across industries, the research highlights the difficulties caused by misconfigurations, excessive permissions, and serious flaws that give threat actors access. According to the research, 38% of businesses have at least one cloud workload that is highly privileged, highly vulnerable, and publicly exposed, a trifecta known as the toxic cloud triad. Exploitation of one-day vulnerabilities on exposed workloads led to a large number of the breaches reported globally in 2024. Among these, some of the riskiest involved lateral movement using the compromised workloads’ privileges.

“With cyber risks spreading across every corner of the business, the threat level has become unsustainable,” said Rajnish Gupta, Country Manager, Tenable India. “To tackle the biggest vulnerabilities, organisations need to understand toxic cloud triads and other risky combinations—and know exactly what data is exposed. Attackers exploit the gaps, slipping through outdated defences that can’t keep up or react fast enough.”

Additional key findings from Tenable’s Cloud Research team include:

Risky access credentials are held by 84% of businesses for cloud resources. Most organisations (84.2%) have access keys that are either unused or have been in use for a long time and that carry critical or high-severity excessive permissions, a serious security gap that presents a considerable danger.

23% of cloud identities have excessive permissions with a critical or high severity. According to an analysis of Google Cloud Platform (GCP), Microsoft Azure, and Amazon Web Services (AWS), 23% of cloud identities—both non-human and human—have excessive rights with a high severity or critical status.

Notably, over 80% of workloads still have CVE-2024-21626, a serious container escape vulnerability that might result in server host compromise, unpatched 40 days after it was first published.

74% of companies have storage that is accessible to the public; this number includes storage that holds sensitive information. This exposure has been connected to an increase in ransomware attacks, frequently as a result of unauthorised or overly permissive access.

78% of businesses have Kubernetes API servers that are publicly accessible; of these, 41% also permit inbound internet connectivity. Additionally, 58% of businesses have cluster admin role bindings, which means that specific users have unrestricted power over all the Kubernetes environments.
