Research cloud threats – and finally eliminate them with Palo Alto Networks

Research cloud threats – and finally eliminate them with Palo Alto Networks

Cloud threat researchers at Palo Alto Networks Unit 42 set out to understand the forces behind attacks on cloud infrastructures – and how each attacker goes about it. The research project examined around 680,000 cloud identities in 18,000 cloud accounts from more than 200 companies. Results:

Above all, problems with identity and access management (IAM) offer loopholes for attacks on cloud infrastructures.

The central issue: IAM

Faulty configurations are at the heart of most cloud security problems. However, look closer and you’ll see that these problems are often related to poor implementations in IAM. IAM is the most important and complex component that governs the authentication and authorization of every resource in a cloud environment. In a nutshell: IAM is the first line of defense in most cloud environments.

In the current report, Unit 42 researchers analyze around 680,000 identities to understand their configurations and usage patterns. The research shows that extremely many cloud identities are never used. In addition, 53% of cloud accounts allow the use of weak passwords and 44% allow password reuse.

Malicious attackers are being clever – and know exactly where to go. Unit 42 researchers created a cross-industry Cloud Threat Actor Index that lists the operations of aggressive actors. Key finding: each of these actors, organized into groups, is targeting cloud IAM credentials.

All additional information can be found here.

Need more information on IAM and OKTA?

Reach out to your sales team in the coming days to learn how Okta’s IAM solution fits your customers’ challenges.