Check Point Research (CPR)the Threat Intelligence division of Check Point Softwarerecorded a 48% increase on an annual basis of cloud-based attacks during 2022as organizations increasingly shift their operations to the cloud.
The rise of cloud-based attacks around the world
Compared to 2021, the increase in Europa is 50%, while in Asia and North America 60% and 28% respectively. CPR has found that hackers leverage the latest Common Vulnerabilities and Exposures (CVEs) to attack through the cloud.
Cloud-based cyberattacks can lead to massive data loss, malware and ransomware attacks, and CPR shares five cybersecurity tips.
Cloud-Based Attacks: Emphasis on Recent CVEs
In recent cloud-based cyberattacks, the CVE more current ones (disclosed in 2020-2022) are being exploited more than on-prem networks for attempts to attack cloud-based networks. The difference between the two types of networks is shown in the figure below.
Further analysis of specific high-profile global vulnerabilities revealed that some key CVEs have had a greater impact on cloud-based networks than on-prem ones. In essence, theThe huge amount of data in the cloud can lead to even more powerful attacks, given their extension and content. In the absence of proper security which is sometimes implemented on other on-premise platforms, networks tend to be easier to exploit.
Examples of notable CVEs disclosed this year that showed a similar trend:
- VMware Workspace Remote Code Execution (CVE-2022-22954) – impatto superiore del 31% sulle reti cloud-based.
- Text4shell Vulnerability (CVE-2022-42889) – 16% greater impact on cloud-based environments than impact on on-prem networks.
- Microsoft Exchange Server Remote Code Execution (CVE-2022-41082) – impatto superiore del 17% sulle reti cloud-based
- F5 BIG IP (CVE-2022-1388) – 12% higher impact on cloud-based networks
- Atlassian Confluence-Remote Code Execution (CVE-2022-26134) – 4% higher impact on cloud-based networks.
