Cybercriminals Attack Cloud Server Honeypot Within 52 Seconds, According to Sophos Global Report, “Exposed: Cyberattacks on Cloud Honeypots” . Sophos study of 10 cloud server honeypots placed worldwide reveals the need for visibility and security to protect what businesses put into hybrid and all-cloud platforms
May 14, 2019
SC Pressroom Cybersecurity's leading news distribution network
Key Report Findings:
- Cloud server honeypots across 10 global locations attacked within 40 minutes, on average
- Cloud servers were subjected to 13 attempted attacks per minute, per honeypot, on average
- More than 5 million attempted attacks on all cloud server honeypots in a 30-day period
OXFORD, United Kingdom, April 09, 2019 (GLOBE NEWSWIRE) -- Sophos (LSE: SOPH), a global leader in network and endpoint security, today announced the findings of its report, Exposed: Cyberattacks on Cloud Honeypots, which reveals that cybercriminals attacked one of the cloud server honeypots in the study within 52 seconds of the honeypot going live in Sao Paulo, Brazil. On average, the cloud servers were hit by 13 attempted attacks per minute, per honeypot. The honeypots were set up in 10 of the most popular Amazon Web Services (AWS) data centers in the world, including California, Frankfurt, Ireland, London, Mumbai, Ohio, Paris, Sao Paulo, Singapore, and Sydney over a 30-day period. A honeypot is a system intended to mimic likely targets of cyberattackers, so that security researchers can monitor cybercriminal behaviors.
In the study, more than 5 million attacks were attempted on the global network of honeypots in the 30-day period, demonstrating how cybercriminals are automatically scanning for weak open cloud buckets. If attackers are successful at gaining entry, organizations could be vulnerable to data breaches. Cybercriminals also use breached cloud servers as pivot points to gain access onto other servers or networks.
“The Sophos report, Exposed: Cyberattacks on Cloud Honeypots, identifies the threats organizations migrating to hybrid and all-cloud platforms face. The aggressive speed and scale of attacks on the honeypots shows how relentlessly persistent cybercriminals are and indicates they are using botnets to target an organization’s cloud platforms. In some instances, it may be a human attacker, but regardless, companies need a security strategy to protect what they are putting into the cloud,” said Matthew Boddy, security specialist, Sophos. “The issue of visibility and security in cloud platforms is a big business challenge, and with increased migration to the cloud, we see this continuing.”
Visibility into Weaknesses
Continuous visibility of public cloud infrastructure is vital for businesses to ensure compliance and to know what to protect. However, multiple development teams within an organization and an ever-changing, auto-scaling environment make this difficult for IT security.
Sophos is addressing security weaknesses in public clouds with the launch of Sophos Cloud Optix, which leverages artificial intelligence (AI) to highlight and mitigate threat exposure in cloud infrastructures. Sophos Cloud Optix is an agentless solution that provides intelligent cloud visibility, automatic compliance regulation detection and threat response across multiple cloud environments.
“Instead of inundating security teams with a massive number of undifferentiated alerts, Sophos Cloud Optix significantly minimizes alert fatigue by identifying what is truly meaningful and actionable,” said Ross McKerchar, CISO, Sophos. “In addition, with visibility into cloud assets and workloads, IT security can have a far more accurate picture of their security posture that allows them to prioritize and proactively remediate the issues flagged in Sophos Cloud Optix.”
Key features in Sophos Cloud Optix include:
- Smart Visibility – Provides automatic discovery of an organization’s assets across AWS, Microsoft Azure and Google Cloud Platform (GCP) environments, via a single console, allowing security teams complete visibility into everything they have in the cloud and to respond and remediate security risks in minutes
- Continuous Cloud Compliance – Keeps up with continually changing compliance regulations and best practices policies by automatically detecting changes to cloud environments in near-time
- AI-Based Monitoring and Analytics – Shrinks incident response and resolution times from days or weeks to just minutes. The powerful artificial intelligence detects risky resource configurations and suspicious network behavior with smart alerts and optional automatic risk remediation
“Migrating several petabytes of data and many applications to AWS and Azure made it necessary to transition from a manual to automated process for security monitoring. Sophos Cloud Optix’s multi-cloud security and compliance platform capabilities provided real-time cloud workload protection status in seconds. The AI-powered monitoring and alerts helped reduce the noise and allowed our teams to focus on delivering value to the business,” said Aaron Peck, vice president and CISO, Shutterfly, Inc., a Sophos customer, based in Redwood City, Calif.
“Our goal is to provide the most comprehensive and highly-effective cyber security services to all of our clients. Whether in technology, manufacturing or utilities, our customers want to maximize their investments and protect their data in the cloud. The partnership with Sophos and the ability to offer Sophos Cloud Optix is important to us because it allows us to provide continuous compliance coupled with intelligent cloud visibility and immediate threat response. With Cloud Optix, our growing customer-base will have the opportunity to solve the toughest challenges in cloud security,” said Rajeev Khanolkar, president and CEO, SecurView Inc., a Sophos partner based in Edison, New Jersey.
Sophos Cloud Optix leverages AI-powered technology from Avid Secure, which Sophos acquired in January 2019. Founded in 2017 by a team of highly distinguished leaders in IT security, Avid Secure revolutionized the security of public cloud environments by providing effective end-to-end protection in cloud services, such as AWS, Azure and Google.
Pricing and availability details are available from Sophos partners worldwide.
For more information on Sophos’ findings, please read the full Exposed: Cyberattacks on Cloud Honeypots report and accompanying Naked Security article, Knock and Don't Run: The Tale of the Relentless Hackerbots. Additional information on Sophos Cloud Optix is available on Sophos.com.
Read the latest security news and views on our award-winning news website Naked Security and read more about Sophos on Sophos News.
Protect every Mac and PC in your home with the next generation of centrally managed cybersecurity software, Sophos Home.
Connect with Sophos wherever you are on Twitter, LinkedIn, Facebook, Spiceworks, and YouTube.
Sophos is a leader in next-generation endpoint and network security. As the pioneer of synchronized security, Sophos develops its innovative portfolio of endpoint, network, encryption, web, email and mobile security solutions to work better together. More than 100 million users in 150 countries rely on Sophos solutions as the best protection against sophisticated threats and data loss. Sophos products are exclusively available through a global channel of more than 43,000 registered partners. Sophos is headquartered in Oxford, UK and is publicly traded on the London Stock Exchange under the symbol "SOPH." More information is available at www.sophos.com.
Samantha Powers, account supervisor, March Communications
URL : http://www.sophos.com
Contact Information:Sara Eberle, senior public relations manager – Americas, Sophos [email protected] Phone: 339-223-9265
Tags: United States, English