A recent report by Qualys Threat Research Unit (TRU) has brought critical cloud risks to light, emphasizing the escalating threat of cloud tech debt. Based on anonymized global cloud scans from April 2023, the report highlights that over 60 million applications have reached the end of support and end of life, leaving essential categories like databases, web servers, and security software without security updates, significantly increasing the risk of potential breaches.
Cloud misconfigurations have also emerged as a significant concern, with over half of Center for Internet Security (CIS) Benchmarks failing across major cloud providers, including AWS, Microsoft Azure, and Google Cloud Platform (GCP). The most critical misconfiguration categories are encryption, identity and access management, and internet-facing assets.
The report raises alarm over external-facing vulnerabilities, revealing that around 4% of scanned cloud assets are publicly exposed to potential attackers. Additionally, weaponized vulnerabilities pose a significant threat, with the report citing the Log4Shell vulnerability as a major concern. This internet-facing vulnerability enables attackers to execute arbitrary Java code or leak sensitive information, and a staggering 68.44% of detected Log4Shell vulnerabilities on internet-facing cloud assets remain unpatched.
The study identifies malware and cryptomining as the top two threats to cloud assets, facilitating unauthorized access and lateral movement. The report also underscores the core characteristic of cloud computing—self-service, which allows rapid and scalable deployment of infrastructure and resources without traditional on-premises IT constraints but comes with significant associated risks.
Automation emerges as a crucial factor in remediation processes, effectively reducing unresolved vulnerabilities and expediting patching. Automating non-Windows patching increased rates by nearly 8% and reduced remittance time by two days.
Ultimately, managing security in hybrid and multi-cloud environments requires seamless tools and techniques that work across all cloud vendor environments and on-premise deployments.
As stated by Utpal Bhatt, CMO at Tigera, automation plays a central role in cloud security due to the numerous and ever-changing computing resources in the cloud. For more details, the report is available through Qualys’ blog post published today.
