CYJAX has published a new White Paper which explores the current threat landscape affecting the cloud, including notable threat actors, attacks, vulnerabilities and service abuses that have been observed this year.
Threat actors are increasingly targeting cloud services as more organisations implement solutions such as Microsoft Azure, Amazon Web Services and Google Cloud Platform for efficiency, cost-effectiveness and potential security improvements. In 2023, there have been major attacks affecting the cloud threat landscape, the largest being Cl0p’s supply chain attacks against MOVEit MFT, as well as GoAnywhere MFT. These attacks resulted in the sensitive data of hundreds of companies being compromised and leaked.
The first part of this paper assesses recently identified threat activity, attack methods and malware strains, as well as the impacts they have had on targeted services and the victims.
The second part explores supply chain attacks, with a focus on Cl0p’s 0day exploitation in MFT software, and the consequences of data breaches for targeted organisations.
The third part discusses the use of cloud services as tools in attacks, such as how file storage solutions are often deployed to host malicious payloads.
The final part considers vulnerabilities and exploits affecting cloud infrastructure, as well as the potential damage and further malicious activity that can result from unpatched flaws and 0day or Nday vulnerabilities.
The conclusion offers an overview on the threats that have been analysed and the change in activity and attacks, along with the potential future developments in the threat landscape.