SECURITY NEWS
38 % enterprises have cloud workloads that meet toxic cloud triad criteria finds Tenable
Tenable , the exposure management company , released its 2024 Tenable Cloud Risk Report , which examines the critical risks at play in modern cloud environments . Most alarmingly , four in 10 organisations globally are leaving themselves exposed at the highest levels due to the toxic cloud triad of publicly exposed , critically vulnerable and highly privileged cloud workloads .
Each of these misalignments alone introduces risk to cloud data , but the combination of all three drastically elevates the likelihood of exposure access by cyber attackers .
Security gaps caused by misconfigurations , risky entitlements and vulnerabilities combine to dramatically increase cloud risk . The Tenable Cloud Risk Report provides a deep dive into the most pressing cloud security issues observed in the first half of 2024 , highlighting areas such as identities and permissions , workloads , storage resources , vulnerabilities , containers and Kubernetes .
It also offers mitigation guidance for organisations seeking ways to limit exposures in the cloud .
“ Our report reveals that an overwhelming number of organisations have access exposures in their cloud workloads of which they may not even be aware ,” said Shai Morag , Chief Product Officer , Tenable .
Publicly exposed and highly privileged cloud data lead to data leaks . Critical vulnerabilities exacerbate the likelihood of incidents . The report reveals that a staggering 38 % of organisations have cloud workloads that meet all three of these toxic cloud triad criteria , representing a perfect storm of exposure for cyber attackers to target .
Analysis of AWS , GCP , Azure , reveals that 23 % of cloud identities , have critical or high severity excessive permissions .
When bad actors exploit these exposures , incidents commonly include application disruptions , full system takeovers , and DDoS attacks that are often associated with ransomware . Scenarios like these could devastate an organisation , with the 2024 average cost of a single data breach approaching $ 5 million .
Additional key findings from the report include :
84 % of organisations have risky access keys to cloud resources
Most organisations , 84.2 % possess unused or longstanding access keys with critical or high severity excessive permissions , a significant security gap that poses substantial risk .
23 % of cloud identities have critical or high severity excessive permissions
Analysis of Amazon Web Services , AWS , Google Cloud Platform , GCP and Microsoft Azure reveals that 23 % of cloud identities , both human and non-human , have critical or high severity excessive permissions .
Critical vulnerabilities persist
Notably , CVE-2024-21626 , a severe container escape vulnerability that could lead to the server host compromise , remained un-remediated in over 80 % of workloads even 40 days after its publishing .
74 % of organisations have publicly exposed storage
74 % of organisations have publicly exposed storage assets , including those in which sensitive data resides . This exposure , often due to unnecessary or excessive permissions , has been linked to increased ransomware attacks .
Shai Morag , Chief Product Officer , Tenable
78 % of organisations have publicly accessible Kubernetes API servers
Of these , 41 % also allow inbound Internet access . Additionally , 58 % of organisations have cluster-admin role bindings , which means that certain users have unrestricted control over all the Kubernetes environments .
The report reflects findings by the Tenable Cloud Research team based on telemetry from billions of cloud resources across multiple public cloud repositories , analysed from January 1 through June 30 , 2024 .
12 www . intelligenttechchannels . com