Organizations expanded their cloud workload deployments following the onset of the pandemic, but they also saw more cloud security incidents. Such incidents in the retail, manufacturing and government industries rose by 402%, 230% and 205%, respectively. These industries were among those facing the greatest pressures to adapt and scale in the face of the pandemic – retailers for basic necessities, and manufacturing and government for COVID-19 supplies and aid.
Why it Matters: Organizations were able to quickly move more workloads to the cloud in response to the COVID-19 global pandemic, but they struggled many months later to automate cloud security and mitigate cloud risks. Our research indicates that cloud security incidents increased by an astounding 188% in the second quarter of 2020 (April to June).
Why it Matters: Unit 42 research revealed significant increases in a wide variety of security risks during the pandemic, including unencrypted cloud data, exposure of cloud resources to public access, insecure port configurations and more. Taken as a whole, these incidents underscore the failure of most organizations to scale cloud governance and security automation at the same rate that they scaled their cloud workloads.
Why it Matters: While they stored more data in the cloud, many organizations failed to enforce proper security controls over that data. Our research indicates that 35% of businesses globally permitted their cloud storage resources – many of which contain sensitive data – to be publicly accessible from the internet. While this may be necessary in some cases, it is likely that it usually results from oversights that remain undetected due to a lack of security monitoring and auditing.
Why it Matters: Unit 42 researchers noted clear correlations between public cloud cryptojacking activity associated with Monero (XMR), a cryptocurrency that can be mined in the cloud, and events related to the pandemic. Mining connections fluctuated in response to pandemic-related health, political and economic developments.