As a leading provider of Security-as-a-Service solutions for the cloud, Alert Logic regularly conducts a comparative analysis across customer cloud and on-premises infrastructures, releasing the results in the company’s annual report on the state of cloud security. Research compiled for this report indicates a significant increase in attacks across both cloud and on-premises environments, the company reported in a news release on April 22.
Drawing on data obtained from a customer base of 2,200, Alert Logic found a significant increase in activity across cloud and hosting environments compared to last year’s findings — brute force attacks climbed from 30% to 44% of customers, and vulnerability scans increased from 27% to 44%. These two types of incidents — historically far more likely to target on-premises environments — are now occurring at near-equivalent rates in both cloud and on-premises environments.
“Our intelligence suggests that the observed increase in cloud attacks is correlated to the growth of cloud adoption in the enterprise,” said Stephen Coty, chief security evangelist at Alert Logic. “As more enterprise workloads have moved into cloud and hosted infrastructures, some traditional on-premises threats have followed them. This reinforces the necessity for enterprise-grade security solutions specifically designed to protect cloud environments.”
For this report, Alert Logic also selected an area for additional investigation. The company deployed honeypots in public cloud infrastructures around the world to observe attack types and frequency.
Key findings from the honeypot deployments are highlighted in this edition of the Cloud Security Report, and include the following observations:
- Highest volume of attacks occurred in Europe, where honeypots experienced four times the number of attacks as the U.S.;
- 14% of malware collected through the honeypots was considered undetectable by 51 of the world’s top antivirus vendors.
About the Cloud Security Report
During the research period between April 1 and September 30, 2013, Alert Logic observed more than one billion security events and verified more than 232,364 security incidents as valid threats. The Alert Logic Cloud Security Report – Spring 2014 evaluates three vectors of analysis — incident occurrence, incident frequency and threat diversity — across six security incident categories.