Cyberattackers Steal Company Jewels in 3 Steps

By Greg Tavarez, TMCnet Editor  |  September 29, 2022

A company’s most valuable assets, such as customer and prospect databases, employee and HR information and corporate financial information, are the jewels cyberattackers want. Those prized possessions should be protected using the highest security standards and should receive the highest priority when deciding which risks need to be remediated first.

One would think companies would put up countless walls and hurdles to prevent cyberattackers from infiltrating their digital fortresses to get to their assets. However, Orca Security found in its “2022 State of the Public Cloud Security Report” that, on average, an attacker only needs to find three connected and exploitable weaknesses in a cloud environment to exfiltrate data or hold an organization to ransom.

That finding raises the question of why the average attack path is only three steps away from confidential information. Attackers clearly want one thing, and that is to hold a company ransom by threatening to expose sensitive information.

But companies are not applying basic security measures. Features like MFA, least-privilege permissions, encryption, strong passwords and port security are still not being applied consistently. For example, 42% of companies granted administrative permissions to more than half of their users, 71% used default Google Cloud service accounts and 7% had neglected internet-facing assets with open ports.

Attackers will exploit those vulnerabilities. In fact, three-fourths of attacks start by exploiting vulnerabilities. Attackers then take advantage of vulnerabilities to gain access to specific assets and move laterally from one to the other.

“There is much work to be done, from unpatched vulnerabilities and overly permissive identities to storage assets being left wide open,” said Avi Shua, CEO and co-founder of Orca Security. “Organizations should work strategically and ensure that the risks that endanger the organization’s most critical assets are always addressed first.”

To reduce the cloud attack surface and bolster their defenses, companies are strongly encouraged to apply MFA and strong password management, encrypt sensitive data and keys, perform backups, patch vulnerabilities, eliminate unused assets and maintain a cloud asset inventory.

No one likes the idea of being attacked, but if it were to happen, make it difficult for the bad actor.

Edited by Erik Linask