The number of cyberattacks directed at cloud infrastructure is still below that experienced by on-premises data centres but will probably reach parity at some point, an analysis by security-as-a-service provider Alert Logic has suggested.
The firm’s Cloud Security Report [reg required] looked at 232,364 verified security incidents at 2,212 organizations in North America and Western Europe over a 6-month period last year using the firm’s own intrusion system, finding a predictable rise in attacks across all environments.
The top attack types for cloud hosting providers (CHPs), which formed 80 percent of the sample, centred on brute force attacks on credentials and scans for vulnerable software, both seen by seen by 44 percent of its customers. This find is significant because for the first time the numbers roughly match the percentage of customers reporting such incidents in on on-premises data centres.
Malware and botnet attacks, long the bane of mainstream data centre IT, are also rising fast against CHPs, which Alert Logic puts down to a greater use of desktop virtualisation and mobile applications; at 11 percent of organisations they are still well below the 56 percent rate for on-premises.
The company also set up cloud honeypots to gain some insight into the type of attacks being experienced, uncovering a pretty standard range of attacks on applications such as MicrosoftSQL, MySQL, HTTP, FTP, which varied by geography for reasons that have nothing to do with the cloud itself.
What this all means is that neither environment is inherently more or less secure. Both are under attack and as cloud adoption increases so the attacks on it will grow too.
“Our intelligence suggests that the observed increase in cloud attacks is correlated to the growth of cloud adoption in the enterprise,” said Alert Logic’s chief security evangelist, Stephen Coty.
“As more enterprise workloads have moved into cloud and hosted infrastructures, some traditional on-premises threats have followed them. This reinforces the necessity for enterprise-grade security solutions specifically designed to protect cloud environments.”
On the other hand, an attack on cloud infrastructure will not always be as visible, something that spells danger for enterprises.
“People do not have enough understanding of the shared security responsibility with the cloud provider,” said Coty. “You have to treat the cloud like on-premises.”
CHPs would provide security only up to certain layers, for instance the hypervisor. Securing the operating system and application would fall to the customer, he said.