Sophos, a world leader in network security and endpoint, announced the results of its report to the discovered: Cyber Attacks in Cloud Honeypots to know the level of vulnerability that has the information that raise the enterprises to the cloud. It reveals how the cybercriminals attacked one of the cloud Honeypots servers analyzed in just 52 seconds, which operated in Sao Paulo, Brazil.
On average, the servers in the cloud were affected by 13 attempts at attacks per minute, by Honeypot. These were installed over a 30-day period in 10 of the world’s most popular Amazon (AWS) Web service data centers: California, Frankfurt, Ireland, London, Mumbai, Ohio, Paris, San Pablo, Singapore and Sydney. It is worth mentioning that a honeypot is a system designed to mimic the possible objectives of cyber attacks, so that security researchers can monitor the behavior of cybercriminals.
In the study, more than 5 million attacks were analyzed in the Honeypots global network for 30 days, which demonstrates how cybercriminals are automatically scanning for deposits in weak open clouds. If attackers manage to enter, organizations may be vulnerable to data violations. Cybercriminals also use vulnerable cloud servers as base points for accessing other servers or networks.
“The uncovered Sophos report: Cyber in Cloud Honeypots identifies the threats facing organizations that migrate to hybrid and cloud platforms. The aggressive speed and scale of attacks on honeypots shows how tirelessly persistent cybercriminals are and indicates that they are using botnets to attack cloud-based platforms. Although in some cases, the attack can be carried out by a human being, companies need a security strategy to protect what is going up to the cloud, says Matthew Boddy, Sophos security specialist. “The problem of visibility and security on cloud platforms is a big business challenge, and with increased migration to the cloud, we see that this will continue,” says the executive.
Visibility, among the weaknesses
The continuous visibility of the public cloud infrastructure is vital for companies to know what to protect and ensure compliance with standards. However, the multiple development teams within an organization and an environment of scaling automatic and in constant evolution makes this a serious problem for the IT security. Sophos is addressing this weakness of security in public clouds with the launch of Sophos Cloud Optix, which leverages artificial intelligence (AI) to highlight and mitigate exposure in infrastructure in the cloud. Sophos Cloud Optix is a no-agent solution that provides intelligent cloud visibility, compliance, and threat response across multiple cloud environments.
“Instead of flooding security teams with a lot of undifferentiated alerts, Sophos Cloud Optix significantly minimizes the number of alerts by identifying what is truly meaningful and actionable,” said Ross McKerchar, CISO, Sophos. “In Addition, with the visibility of assets and workloads in the cloud, the IT area can have a much more accurate picture of its security posture, enabling them to proactively prioritize and remediate the issues marked in Sophos Cloud Optix.”
Key Features of Sophos Cloud Optix:
- Intelligent Visibility — provides automatic detection of an organization’s assets in the AWS, Microsoft Azure, and Google Cloud Platform (GCP) environments, through a single console, allowing Security teams have full visibility of everything they have in the cloud, in addition to responding and remedy security risks in minutes.
- Continuous cloud Compliance — keeps up to date with changing compliance regulations and best practices policies by automatically detecting changes in cloud environments in a short time
- IA-based Monitoring and analysis — reduces response times and incident resolution that could take days or weeks to minutes. Powerful artificial intelligence detects risk resource configurations and suspicious network behavior with intelligent alerts and optional risk automatic remediation.
“The migration of several petabytes of data and many applications to AWS and Azure necessitated the transition from a manual to an automated process for security monitoring. The features of Sophos Cloud Optix’s multi-cloud compliance and security platform provide in seconds the protection status of the cloud workload in real time. AI-driven monitoring and alerts helped reduce problems and enabled our teams to focus on giving value to the business, said Aaron Peck, vice President and CISO, Shutterfly, Inc., a customer of Sophos, headquartered in Redwood City, California.
“Our goal is to provide comprehensive and effective cybersecurity services. Whether It’s technology, manufacturing or utilities, our customers want to maximize their investments and protect their data in the cloud. The partnership with Sophos and the ability to offer Sophos Cloud Optix is important because it allows us to provide continuous compliance along with intelligent cloud visibility and immediate response to threats. With Cloud Optix, our growing customer base has the opportunity to solve the most difficult challenges in cloud security, said Rajeev Khanolkar, president and CEO of SecurView Inc., a partner of Sophos based in Edison, New Jersey.
Sophos Cloud Optix leverages Avid Secure’s AI-driven technology, acquired by the company in January 2019. Founded in 2017 by a team of highly distinguished IT security leaders, Avid Secure revolutionized the security of public cloud environments by providing effective end-to-end protection in cloud services, like AWS, Azure and Google.