SecurityBrief India - Technology news for CISOs & cybersecurity decision-makers
Story image

Sysdig report highlights soaring costs of cloud attacks

Today

Sysdig has released its 2024 Global Threat Year-in-Review, documenting the increasing economic impact and scale of cloud-based attacks.

The report, compiled by Sysdig's Threat Research Team, evaluates the tactics employed by cyber attackers, particularly their use of automation and new cloud technologies. This year's findings indicate a notable shift towards the exploitation of artificial intelligence resources and cloud credential theft.

According to the report, AI resource jacking has emerged as a significant threat, with financial losses exceeding USD $100,000 per day in some cases. A notable incident involved an LLMjacking attack that resulted in a USD $30,000 loss for one victim within just three hours.

Cryptomining has remained a prevalent form of attack, with some instances involving over 500 cryptomining processes being activated every 20 seconds. The report refers to Meson Network attackers who employed automation to achieve these rapid deployments using compromised cloud accounts. Long-term attacks are exemplified by groups such as RUBYCARP, which have reportedly been siphoning resources for up to a decade.

In a further development, open source software is being utilised to steal credentials. The report highlights the CRYSTALRAY group, which exploited the SSH-Snake open source network mapping tool to harvest credentials from over 1,500 victims.

Michael Clark, Head of Sysdig Threat Research, emphasised the importance of resilience in the face of inevitable cyberattacks. "Proactive security programs should always assume compromise," he stated, adding, "Cyberattacks will continue, likely at a greater frequency, and prevention alone is simply insufficient as attackers' means of defence evasion continue to mature. Resilience following a cyberattack will keep businesses moving, as cloud attacks will continue to become faster, more sophisticated, and more expensive year over year."

The report highlights the growing financial burden of these breaches, stating that the average cost of a public cloud breach now exceeds USD $5 million. With cloud attacks having risen by 154% year-over-year, Sysdig's team forecasts that global cyberattacks could cost over USD $100 billion in 2025.

This year's trends have shown attackers increasingly using automation, open source tools, and new technologies to maximise their gains. The ongoing evolution of cloud environments requires constant vigilance and adaptation to protect resources effectively.

Sysdig's Threat Research Team plays a critical role in tracking the latest attack techniques and has uncovered 15 novel threats in recent years. The team's diverse expertise spans military, governmental, commercial, and academic fields, and their research underpins the industry's 555 Benchmark for Cloud Threat Detection and Response.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X