New research from Deep Instinct Monday pointed out that because many organizations have moved to the cloud rather than on-premises during the pandemic, for those not experienced working with cloud services, there’s a risk that misconfigurations or vulnerable, out-of-date components with external API access could get exploited.
Deep Instinct’s bi-annual 2022 Cyber Threat Landscape Report also found that specific attack vectors have grown substantially, including a 170% rise in the use of Office droppers along with a 125% uptick in all threat types combined.
A major security challenge that organizations face in the short-term is to tighten down the security of the many new cloud solutions that were put in place to support the rapid change to a remote workforce,” said Adam Gavish, co-founder and CEO at DoControl.
“Most businesses were well under way in their journey to migrating to the cloud — in all areas of as-a-service offerings,” Gavish said. “The tracks in the ‘journey to the cloud’ were greased by the pandemic, so it's critical to assess and reassess these areas that were adjusted to support business continuity. For the longer-term, attackers have also understood that remote and hybrid environments are there to stay. So it's important to maintain a ‘think like an attacker mindset,’ as there’s an entirely new threat landscape that attackers are looking to exploit.”