Cloud environments, including software-as-a-service tools, could be easily compromised by threat actors due to defense challenges brought upon by the shared responsibility model, as well as inadequate visibility and overall client control, according to SC Media.
While breaching physical networks that are secured with a well-defined perimeter and numerous defensive tools would require comprehensive know-how from threat actors, such knowledge is not so valuable in targeting cloud systems due to the availability of extensive documentation and open-source hacking tools, reported Mitiga researchers at the BSides Las Vegas security conference.
Such ease in infiltrating cloud environments should prompt organizations to secure sufficient logs from their cloud service providers for greater visibility, leverage CSPs' security offerings alongside their own security tools, and enhancing threat hunting and red-teaming efforts on cloud and SaaS assets, researchers said.
"The new perimeter in cloud is identity. It's a cliche already, but it's true. Attackers don't break in; they log in," said Mitiga Field Chief Technology Officer Roei Sherman.