Cado Security, a trailblazer in cloud forensics and incident response solutions, has unveiled its highly anticipated Cado Security Labs 2023 Cloud Threat Findings Report, shedding light on the rapidly evolving landscape of cloud threats.
Headed by CTO and Co-Founder Chris Doman, the team’s discoveries have uncovered innovative cloud-based malware and threat techniques, notably including Denonia, the first-known malware crafted specifically for AWS Lambda environments. Employing honeypot infrastructure for real-time cloud attacker telemetry, the report delivers timely insights into emerging attack patterns and disseminates vital findings within the security community.
Amidst the pervasive adoption of cloud services shaping modern businesses, Cado’s report offers indispensable insights to tackle the burgeoning cloud threats. The report’s key findings reveal the prominence of botnet agents, contributing to significant hacktivist-driven DDoS attacks, and SSH remains a prime target with an observed representation of 68.2%.
Additionally, the report underscores the vulnerability of specific services, with an overwhelming 97.5% of opportunistic threat actors focusing on exploiting known weaknesses.
With cloud technologies reshaping the threat landscape, Cado Security Labs predicts a surge in serverless function attacks, the evolution of non-Windows ransomware, and continued cloud service exploitation for phishing and spam campaigns.
To proactively address these impending threats, Cado Security’s experts advocate understanding the AWS shared responsibility model, limiting access to critical evidence, reducing exposure to services like Docker and Redis, scrutinizing cloud credentials in public repositories, and adhering to the principle of least privilege.
As the cyber threat landscape evolves relentlessly, the insights from the Cado Security Labs 2023 Cloud Threat Report serve as a vital resource for organizations striving to fortify their defenses against the ever-advancing realm of cloud-focused threats.