Cyber ​​criminals use cloud logs

9 December 2020
| No comments
Cloud security cloud logs

Share post

Cyber ​​criminals use cloud technology to accelerate attacks on businesses. Trend Micro Research finds terabytes of stolen data for sale in cloud logs.

Trend Micro has identified a new breed of cybercrime. Criminals use cloud services and technologies to accelerate attacks. Companies therefore have less time to identify and react to a loss of data.

Trend Micro researchers found terabytes of internal business data from companies as well as logins for popular providers such as Amazon, Google, Twitter, Facebook and PayPal, which are offered for sale on the dark web. The data is sold by accessing the cloud logs in which it is stored. This type of offer means that a larger number of stolen accounts can be monetized. It also reduces the time from the initial data theft to the point at which stolen information can be used against a company from several weeks to just a few days or hours.

Cloud logs help cybercriminals with stolen information

“The new market for access to cloud logs enables cyber criminals to exploit stolen information faster and more effectively. This is bad news for corporate security officers, ”explains Richard Werner, Business Consultant at Trend Micro. “This development shows that attackers are also using cloud technologies to compromise companies. It is important to understand that even companies that only use on-premise systems are not protected from attacks. Rather, all companies must ensure that they really protect themselves and that they have the necessary transparency and control in order to be able to react quickly to any incidents. "

Once a buyer has gained access to logs containing stolen data in the cloud, they can use this information to launch another cyberattack. For example, these logs often contain access data for the Remote Desktop Protocol (RDP), which is a popular entry point for cyber criminals who blackmail companies using ransomware.

Stolen amounts of data in the terabyte range

The storage of stolen data volumes in the terabyte range in cloud environments is just as attractive for criminal organizations as it is for legitimate companies: Cloud storage offers scalability and higher speeds. Processes can be optimized through greater computing power and bandwidth.

Access to these logs of cloud data is often sold on a subscription basis for up to $ 1.000 per month. A single log can contain millions of records. Higher prices are achieved for more frequently updated data sets or the promise of relative exclusivity.

Cyber ​​criminals are very adaptable

With easy access to data, cybercriminals can streamline and accelerate the execution of attacks and increase the number of potential victims. This also shows how adaptable cybercrime is: by ensuring that threat actors who specialize in certain areas - such as cryptocurrency theft or e-commerce fraud - can quickly and cheaply access the data they need, they can still do so cause greater damage.

The Trend Micro report warns that such activity could even spawn a new breed of cybercriminal in the future: a data mining expert who uses machine learning to improve the preprocessing and extraction of information in order to maximize its usefulness for buyers. With the increasing professionalization of cybercrime, the general trend will be towards standardization of services and prices on underground marketplaces.

More on this at TrendMicro.com

 

About Trend Micro

As one of the world's leading providers of IT security, Trend Micro helps create a secure world for digital data exchange. With over 30 years of security expertise, global threat research, and constant innovation, Trend Micro offers protection for businesses, government agencies, and consumers. Thanks to our XGen™ security strategy, our solutions benefit from a cross-generational combination of defense techniques optimized for leading-edge environments. Networked threat information enables better and faster protection. Optimized for cloud workloads, endpoints, email, the IIoT and networks, our connected solutions provide centralized visibility across the entire enterprise for faster threat detection and response.

 

Matching articles on the topic

IT security: NIS-2 makes it a top priority

Only in a quarter of German companies do management take responsibility for IT security. Especially in smaller companies ➡ Read more

Cyber ​​attacks increase by 104 percent in 2023

A cybersecurity company has taken a look at last year's threat landscape. The results provide crucial insights into ➡ Read more

Mobile spyware poses a threat to businesses

More and more people are using mobile devices both in everyday life and in companies. This also reduces the risk of “mobile ➡ Read more

Crowdsourced security pinpoints many vulnerabilities

Crowdsourced security has increased significantly in the last year. In the public sector, 151 percent more vulnerabilities were reported than in the previous year. ➡ Read more

Digital Security: Consumers trust banks the most

A digital trust survey showed that banks, healthcare and government are the most trusted by consumers. The media- ➡ Read more

Darknet job exchange: Hackers are looking for renegade insiders

The Darknet is not only an exchange for illegal goods, but also a place where hackers look for new accomplices ➡ Read more

Solar energy systems – how safe are they?

A study examined the IT security of solar energy systems. Problems include a lack of encryption during data transfer, standard passwords and insecure firmware updates. trend ➡ Read more

New wave of phishing: Attackers use Adobe InDesign

There is currently an increase in phishing attacks that abuse Adobe InDesign, a well-known and trusted document publishing system. ➡ Read more

Stories
, , , ,