Seventy-one per cent of Singapore organisations were hit by ransomware and other cyber attacks on the public cloud in the past year, according to security vendor Sophos, once again underlining the increased threats facing businesses going digital.
Of those affected, 66 per cent were hit by ransomware and other malware, while 30 per cent suffered from exposed data, 19 per cent had their accounts compromised and 13 per cent were victims of cryptojacking.
The insights are based on a survey of 158 respondents in Singapore, part of a global study this year that interviewed more than 3,500 IT managers currently hosting data and workloads in the public cloud.
The respondents used one of the following cloud services – Microsoft Azure, Oracle Cloud, Amazon Web Services (AWS), VMWare Cloud on AWS, and Alibaba Cloud, as well as Google Cloud and IBM Cloud.
The findings will worry businesses that are increasingly moving their IT infrastructure and applications onto the public cloud in recent years.
The shift has also been accelerated by the pandemic this year, which has forced many businesses to turn to cloud services during a global lockdown to prevent the coronavirus’ spread.
Unsurprisingly, Sophos’ findings point to a continuing trend of ransomware threats. The reason is because of the likely returns for their criminal enterprise.
Attackers are shifting their methods to target cloud environments that cripple necessary infrastructure and increase the likelihood of payment, said Chester Wisniewski, Sophos’ principal research scientist, in a media release today.
In the study, all Singapore respondents interviewed said they were concerned about current levels of cloud security. However, many still do not do enough beyond the security measures offered by cloud providers.
Indeed, misconfigurations account for 66 per cent of reported attacks, the biggest reason for the cybersecurity incidents, according to Sophos.
In comparison, only 37 per cent of Singapore organisations report that cyber criminals gained access through stolen cloud provider account credentials.
Worryingly, less than a quarter of organisations say managing access to cloud accounts is a top area of concern.
It is worrisome that many organisations still don’t understand their responsibility in securing cloud data and workloads, said Wisniewski.
“Cloud security is a shared responsibility, and organisations need to carefully manage and monitor cloud environments in order to stay one step ahead of determined attackers,” he added.
Some rather alarming data from a separate Sophos management tool bears this out. Globally, 91 per cent of accounts have over-privileged identity and access management roles, and 98 per cent have multi-factor authentication disabled on their cloud provider accounts.
