Latest Wave of Cloud Security Reports Released

Cicso and AlertLogic have both released their latest cloud security reports and their findings are not as hopeful as one might expect. With 2014’s boom of cloud security startups gaining impressive funding injections, and cloud security being at the forefront of most cloud users minds (need I mention the NSA?) One could have though that we were better equipped at handling the various types of cloud security attacks. The report show that this is not yet the case.

One cause for concern is the reported return of DDoS attacks. These attacks not only disruptive and embarrassing for service providers; but when institutions like Bank of America experience an attack, customers are left both frustrated and oftentimes scared about the safety of their funds.

In the Cisco report some key points stand out:

  • Malicious exploits are gaining access to web hosting servers, nameservers, and data centers. This suggests the forming of überbots that seek high-reputation and resource-rich assets.
  • Malware encounters are shifting toward electronics manufacturing and the agriculture and mining industries at about six times the average encounter rate across industry verticals.
  • Ninety-nine percent of all mobile malware in 2013 targeted Android devices. Android users also have the highest encounter rate (71 percent) with all forms of web-delivered malware.

AlertLogic also released their spring annual report. This report gives us a better insight into the regional differences in security attacks. They claim to have analyzed over 1 Billion security events for their study. Their overall findings were also of some concern. Some standout findings from their report include:

  • There has been an increase in attack frequency in both on-premises and cloud hosting provider (CHP) environments.  
  • Malware/botnet attacks, historically the most common attacks in the on-premises datacenter, are on the rise in CHP environments.
  • CHP environments saw significant increases in attacks, with brute force attacks climbing from 30% to 44% of customers, and vulnerability scans increasing from 27% to 44%. These two types of incidents have historically been far more likely to target on-premises environments, but are now occurring at near-equivalent rates in both CHP and on-premises environments.

They also noted that the highest volume of attacks occurred in Europe, where they found four times the number of attacks than found in America, and double that of Asia. Additionally, they reported that Asia was found to have over double the incidences of attacks than America had.

With all these findings, we can only expect a stronger cloud security push to quell the growing fears.