Cloud misconfigurations become one of the major reasons for unauthorized intrusions and accidental data breaches. Threat actors often target unsecured or poorly configured cloud infrastructures to compromise and steal classified information. Recently, security experts from Palo Alto Network’s Unit 42 performed a honeypot experiment to determine how fast cybercriminals attack exposed cloud services, and the results are alarming.
A honeypot is a decoy security mechanism used to detect or counteract unauthorized intrusions to critical network systems. Once an attacker breaks into the honeypot, the security admins can identify how the hackers compromised the target, the hacking techniques they deployed, and how their networks defended or were compromised.
Palo Alto researchers stated they had used a honeypot infrastructure containing 320 nodes and deployed across North America, Asia Pacific, and Europe, exposing it online. They misconfigured the primary services within the cloud, including the remote desktop protocol (RDP), secure shell protocol (SSH), server message block (SMB), and Postgres database in the honeypot infrastructure. The experiment calculated the time, frequency, and source of the attacks between July and August 2021.
“The speed of vulnerability management is usually measured in days or months. The fact that attackers could find and compromise our honeypots in minutes was shocking. This research demonstrates the risk of insecurely exposed services. The outcome reiterates the importance of mitigating and patching security issues quickly. When a misconfigured or vulnerable service is exposed to the internet, it takes attackers just a few minutes to discover and compromise the service. There is no margin of error when it comes to the timing of security fixes,” the researchers said.
Deploying honeypots offer several security advantages to companies that are trying to boost their network defenses. Implementing honeypot technologies help security admins to break the attacker chain and avoid possible cyber risks. Identifying attackers’ hacking courses and paths help security experts build their own strategies to thwart potential cyberattacks. The honeypot experiments help organizations identify security loopholes and strengthen the overall cybersecurity defenses. Read More Here…
The post Exposed Services Commonly Observed in Public Clouds appeared first on CISO MAG | Cyber Security Magazine.
Click to Open Code Editor