The popularity of container technology has grown fast in software engineering, but 60 percent of organizations suffered at least one container-related security incident in 2018, mostly caused by the advancement of DevOps teams, according to Tripwire’s State of Container Security Report. 71 percent anticipate an increase in container security incidents in 2019, most likely raising the costs of hybrid cloud security.
All about Virtualization and Cloud Security | Recent Articles:
The healthcare industry is among the top targets of cyberattacks, especially since the internet of things found its way into the industry and completely revolutionized it. After healthcare’s share of ransomware attacks in 2017, and a great deal of data theft, phishing and more ransomware in 2018, cybercriminals gradually switched methods, tapping into the cryptojacking space.
Enterprises are at risk now more than ever because it seems they keep falling behind on infrastructure security, while hackers are more vigilant and sophisticated in their schemes. Researchers can’t really put their finger on what it is exactly that causes more damage –insider threats, targeted attacks or plain old outdated software, but one thing is certain: by 2023, more than 146 billion records will be leaked following security breaches, according to Juniper Research.
A few years ago, companies were reluctant to adopt cloud computing because they thought a lack of physical access to the network would deprive them of control over their data. A major shift occurred when they understood that, with suitable configuration and security, cloud computing offers serious benefits.
Cloud security has grown into a major issue for enterprises, as only one company in six encrypts all data, according to a Bitdefender survey. While 85% of CISOs fear security flaws in the public cloud, as many as 51 percent of enterprises don’t properly secure their cloud storage services, according to RedLock, leaving their data exposed to hackers.
Update November 2019: One of the most notable cryptojacking attacks of 2019 was based on Microsoft's BlueKeep vulnerability, which was used to deliver cryptomining software to legacy Windows systems starting summer 2019.
This proves that cryptomining is still a preferred payload for attackers who receive immediate financial rewards from each victim they infect without their knowledge.
Like most groundbreaking inventions, cryptocurrencies bring a moral paradox: while some people consider them a revolutionary tool to make the world a better place, others already use it to fuel their illegal activities. Therefore, it was just a matter of time before this energy-hungry activity became a serious cybersecurity issue.
Bitdefender telemetry revealed that from September 2017 until February 2018, ransomware reports have followed a descending curve, while coin miner reports have increased by 130 percent by January 2018. Interestingly, cryptojacking is currently one of the fastest spreading cyber threats, already outranking ransomware’s exposure by a factor of 1 to 100 according to Bitdefender’s intelligence, and is recently displaying targeted behavior, by leveraging fileless techniques and exploits to infiltrate organizations and spread laterally.