A quarter of all businesses are suffering from cloud “cryptojacking”, according to new research from information security company RedLock this week, with their computing resources being hijacked to mine cryptocurrencies.
The cloud security specialists advised businesses to implement a ‘deny all’ default outbound firewall policy and closely monitor network security to stay ahead of suspicious traffic involving cryptomining activity.
Chris Doman, security researcher at AlienVault told Computer Business Review: “Most of these attacks are opportunistic – the attackers scan the internet for vulnerable systems in any environment, many of which are with cloud providers”.
The report comes after RedLock also found that poor cloud storage configuration is rampant, 51 percent of businesses including names like Deep Root Analytics, FedEx and Under Armour all having inadvertently exposed at least one cloud storage service.
Mitigations to Cryptojacking Risks
In a past report, RedLock also discovered specific hacker infiltrations in Tesla, Aviva and Gemalto public cloud environments to mine cryptocurrency and there is evidence that attackers are now using advanced intrusion schemes.
Some 43 percent of all organisations still have not administrated cloud access keys in more than 90 days, a high level risk to exposure. Luckily, only 20 percent of organisations only allow the root user account (administrator) to execute activities, a significant drop from the 73 percent reported in a past report.
“Cloud computing environments bring tremendous flexibility and great economies of scale, but those advantages are meaningless without top-level security”, explained Gaurav Kumar, CTO of Redlock.
In relation, another explanation by Redlock explains companies should ensure cloud resources are automatically discovered and constantly monitored for compliance across all cloud environments to maintain robust cloud security.
The amount of effort cloud providers put into maintaining and securing the services, the odds of detecting an intrusion and understanding how data would be separate from other users of the service are all important factors in securing cloud services, demonstrated by the National Cyber Security Centre (NCSC).