Skip to main content
Advertisement
Live broadcast

The expert named the most popular attack vectors on cloud systems

Expert Sidorov: unauthorized access through the military—industrial complex is the most popular attack
0
Озвучить текст
Select important
On
Off

In 2024, attempts to gain unauthorized access to infrastructure through malicious software (VPO) were among the most popular attacks on cloud systems — 40%. Evgeny Sidorov, the CISO of Yandex Cloud, informed Izvestia about this on April 9.

"Our SOC team has identified current threats for 2024: the most popular attack vectors are associated with attempts to gain unauthorized access to infrastructure through malware (40%), micro—configurations of cloud infrastructure settings and vulnerabilities (30%), as well as DDoS attacks (18%)," he said.

According to him, unauthorized access to infrastructure through malware for further consolidation in the contour of companies has remained the most popular tool over the past few years.

"This technique suggests that in most cases, there were no threat detection tools in the virtual or container infrastructure. In the initial stages, the attackers mainly used either tools for redteaming, for example, gsocket, various shells, or tools for remote administration. In the case of automated attacks, which mainly occur due to misconfigurations in container environments, we detected the activity of various botnets, such as Kinsing or Smokeloader," Sidorov added.

He noted that experts predict an increase in incidents related to cybercrime attacks, which are mainly aimed at committing destructive actions (encryption, destruction) in relation to information and business processes of companies, without financial gain.

Earlier, on February 21, it was reported that the average duration of a cyberattack on Russian companies in 2024 was 51 minutes, which is 21% less than in 2023, according to data from Informzashita. Experts attribute this negative trend to the proliferation of stilers, the development of hacker service platforms, and the use of artificial intelligence by attackers.

Переведено сервисом «Яндекс Переводчик»

Live broadcast