Centrify study: 90 percent of hackers use compromised privileged credentials in cyberattacks on the cloud. Cybercriminals are increasingly targeting the cloud in times of remote work.
An overwhelming proportion (90 percent) of cyber attacks on cloud environments in the past twelve months involved compromised privileged credentials. This is the result of a new study by Centrify, a leading provider of modern Privileged Access Management (PAM) solutions. 65 percent of the IT decision-makers surveyed have experienced attempted attacks on their cloud environments, and 80 percent of these attacks were also successful.
150 IT decision-makers in the USA surveyed
In order to assess how the dependency on the cloud and the resulting risks around this attack surface have developed one year after the start of the home office era, Centrify conducted a survey in March 2021 in cooperation with CensusWide 150 IT decision-makers in the USA (see survey results). The results show that the reliability, availability and scalability of the cloud have become critical to business operations. Cyber criminals have recognized this.
While the majority (63 percent) of those surveyed took the step to the cloud three to five years ago, a quarter (25 percent) only started switching to the cloud in the last two years. Almost a third (31 percent) use hybrid and multi-cloud environments, while 45 percent pursue a purely private cloud approach and 23 percent rely on a public cloud. Availability was the most important benefit of the cloud (46 percent), followed by collaboration (28 percent), cost savings (15 percent) and scalability (9 percent).
Compliance in the cloud: Almost 20 percent see problems
Despite the frequency of cyber attacks on the cloud, managing multi-cloud environments was cited as the biggest challenge when moving to the cloud (36 percent), followed by cybersecurity risks and cloud migration (both 22 percent). In addition, 19 percent of respondents saw a problem with maintaining compliance in the cloud.
90 percent of hackers simply log in
“Attackers no longer hack into systems: they just log in. Since almost all attacks on the cloud use stolen privileged credentials, the security portfolio of companies should include a centralized PAM solution that was developed in the cloud for the cloud, ”says Özkan Topal, Sales Director at Centrify. "This approach minimizes the attack surface and controls privileged access to hybrid environments, even if these evolve after COVID-19."
More on this at Centrify.com
About Centrify
Centrify offers modern Privileged Access Management (PAM) solutions based on Zero Trust principles to enable digital transformation on a large scale. Centrify provides modern Least Privilege Access for human and machine identities based on the verification of who is requesting access, the context of the access request and the risk of the access environment. Centrify centralizes and orchestrates fragmented identities, improves audit and compliance transparency and reduces risks, complexity and costs for modern, hybrid companies. More than half of the Fortune 100 trust Centrify, including the world's largest financial institutions, intelligence agencies, and critical infrastructure companies. Whether human or machine, in the cloud or on site - with Centrify, privileged access is secure.