Poorly configured cloud services can be exploit by threat actors in minutes and sometimes in under 30 seconds. Attacks include network intrusion, data theft and ransomware infections, researchers have found.
Researchers at Palo Alto Networks’ Unit 42 used a honeypot infrastructure of 320 nodes deployed globally in which they misconfigured key services within a cloud–including remote desktop protocol (RDP), secure shell protocol (SSH), server message block (Samba) and Postgres database.
What they found was that attackers jumped at the opportunity to exploit the misconfigurations, with 80 percent of the 320 honeypots compromised within 24 hours and all compromised within a week, researchers disclosed in a report posted Monday.
