Cybercriminals shift focus in an attempt to capitalize on home-working trend

A huge increase in cyber-attacks targeting cloud services has accompanied the move by many organizations to get staff to working from home in response to the Covid-19 pandemic.

A new study from McAfee reports that external attacks on cloud accounts grew sevenfold (up 630%) between January and April.

Most of these external attacks targeted collaboration services like Microsoft 365, and were large-scale attempts to access cloud accounts with stolen credentials.

Figures from the security firm further report that “anomalous login attempts” tripled in the first three months of 2020.

Insider threats remained the same, indicating that working from home has not negatively influenced employee loyalty.

Remote working risks

Access to the cloud by unmanaged, personal devices doubled in the January to April period, adding another layer of risk for security professionals working to keep their off-site data secure.

Overall, enterprise use of cloud services increased by 50%, bolstered by increased adoption by industries such as manufacturing and financial services that typically rely on legacy on-premises applications, networking, and security more than others.

Video conferencing has become the killer app for working from home. Cisco WebEx, Zoom, Microsoft Teams, and Slack saw an increase of up to 600% in usage, led by the education sector and its adoption of distance learning practices.

Nigel Hawthorn, data privacy expert for cloud security at McAfee commented: “The move to widespread remote working has required many industries to adopt new cloud services in order to maintain staff communication and collaboration during such a challenging time.

“However, it is important to recognise the increased threat from cybercriminals who see opportunity in cloud services that are not managed securely.”

With cloud-native threats increasing in step with cloud adoption, all industries need to evaluate their security posture to protect against account takeover and data exfiltration, according to McAfee.

The company’s findings are based on data from more than 30 million McAfee MVISION Cloud users worldwide between January and April.

The full report, entitled Cloud Adoption & Risk Report – Work-from-Home Edition (registration required), offers guidance and advice on rolling out security policies to the cloud.

Source: PortSwigger.net
Images: Collage from Images by Pete Linforth and Clker-Free-Vector-Images from Pixabay