A US-based provider of Security-as-a-Service for the cloud has brought out a Cloud Security Report.
Alert Logic says that it regularly conducts a comparative analysis across customer cloud and on-premises infrastructures. The firm reports a significant increase in attacks across cloud and on-premises IT use.
Drawing on data obtained from a customer base of 2200, Alert Logic found a significant increase in activity across cloud and hosting environments compared to last year’s findings—brute force attacks climbed from 30 per cent to 44pc of customers, and vulnerability scans increased from 27pc to 44pc. These two types of incidents—historically far more likely to target on-premises environments—are now occurring at near-equivalent rates in both cloud and on-premises.
Stephen Coty, Chief Security Evangelist at Alert Logic, said: “Our intelligence suggests that the observed increase in cloud attacks is correlated to the growth of cloud adoption in the enterprise. As more enterprise workloads have moved into cloud and hosted infrastructures, some traditional on-premises threats have followed them. This reinforces the necessity for enterprise-grade security solutions specifically designed to protect cloud environments.”
Alert Logic also selected an area for more investigation. The company deployed honeypots in public cloud infrastructures around the world to observe attack types and frequency.
Findings
Highest volume of attacks occurred in Europe, where honeypots experienced four times the number of attacks as the US
14 per cent of malware collected through the honeypots was considered undetectable by 51 of the world’s top antivirus vendors.
About the report
During the research period between April 1 and September 30, 2013, Alert Logic observed more than one billion security events and verified more than 232,364 security incidents as valid threats. The Alert Logic Cloud Security Report – Spring 2014 evaluates incident occurrence, incident frequency and threat diversity, across six security incident categories. To view the Spring 2014 Cloud Security Report visit www.alertlogic.com/csr.
