RedLock is now a part of Palo Alto Networks - READ MORE
RedLock Press Release
Press Release

RedLock Report Indicates Data Breaches in the Cloud Will Continue to Rise

October 5, 2017

Identifies troubling trends concerning how organizations approach public cloud security   Menlo Park, CA (October 5, 2017)RedLock, the Cloud Threat Defense company, today released a new report based on research from its Cloud Security Intelligence (CSI) team – a group of elite security analysts, data scientists and data engineers. The latest “Cloud Security Trends” report spans research from June through September, 2017, providing a comprehensive view into major threats and vulnerabilities in public cloud computing environments despite cloud service providers’ efforts to educate organizations on shared security responsibilities.   Among key findings in the new report, the RedLock CSI team found that:

  • Data exposures are on the rise because organizations are failing to adhere to established security best practices. For example, the report found that 53% of organizations using cloud storage services such as Amazon Simple Storage Service (Amazon S3) have inadvertently exposed one or more such service to the public (up from 40% in the May “Cloud Infrastructure Security Trends” report). This is after Amazon published a warning on this subject to all of its customers. Moreover, the research also revealed that 48% of PCI checks fail in public cloud computing environments.
  • Vulnerabilities are being neglected in the cloud due to the fact that organizations are unable to leverage their existing vulnerability management investments that lack context on constantly changing cloud resources. The RedLock CSI researchers found that 81% of organizations are not managing host vulnerabilities in the cloud, opening up the organization to potential attacks or breaches.
  • Risky users are flying under the radar. The research team determined that administrative user accounts for public cloud computing environments have potentially been compromised at 38% of organizations. Malicious actors could use these compromised accounts to infiltrate the cloud environments and cause tremendous damage to business operations. 
  • Nefarious network activities are rampant. The RedLock CSI team discovered 37% of databases are accepting inbound connection requests from the internet, and 7% of those are receiving requests from suspicious IP addresses, indicating they’ve been compromised.
  • And cloud attack kill chains are complex and require a holistic approach to cloud threat defense. The research team found a number of Kubernetes administrative consoles that were not password protected, creating a window of opportunity for hackers. Researchers even found that many of these environments were leaking access credentials for various cloud environments. To make matters worse, some of these environments had already been compromised to mine Bitcoins, which organizations were completely unaware of.
  “In our second Cloud Security Trends report, the RedLock CSI team found that organizations are still falling behind in effectively protecting their public cloud computing environments,” said Gaurav Kumar, CTO of RedLock and head of the CSI team. “As we’ve witnessed by recent incidents at organizations such as Viacom, OneLogin, Deep Root Analytics and Time Warner Cable, the threats are real and cybercriminals are actively targeting information left unsecured in the public cloud. It’s imperative for every organization to develop an effective and holistic strategy now to protect their public cloud computing environment.”   First unveiled in May, the RedLock CSI team’s mission is to enable organizations to confidently adopt public cloud computing by researching cloud threats and advising organizations on cloud security best practices. To date, it has discovered millions of exposed records that contain sensitive data belonging to dozens of organizations ranging from small businesses to Fortune 50 companies.   Download a copy of the full “Cloud Security Trends” research report at https://info.redlock.io/cloud-security-trends-oct2017.   About RedLock RedLock enables effective security governance across Amazon Web Services, Microsoft Azure, and Google Cloud environments. The RedLock Cloud 360™ platform takes a new AI-driven approach that correlates disparate security data sets including network traffic, user activities, risky configurations, and threat intelligence, to provide a unified view of risks across fragmented cloud environments. With RedLock, organizations can manage risks, validate architecture, and enable security operations across cloud computing environments.   Global brands across a variety of verticals trust RedLock to secure their public cloud computing environments. The company is backed by Sierra Ventures, Storm Ventures, Dell Technologies Capital, and other high profile investors. RedLock has received a number of industry accolades including finalist for Most Innovative Startup at RSA 2017, CRN Emerging Vendors in Security 2017, and TiE50 Winner 2017.