The increase of cyberattacks over the past year has seen ransomware demand continue to climb upwards, even reaching as high as $30 million. In general, the average ransom paid in exchange for a decryption key to unlock encrypted networks rose from $115,123 in 2019 to $312,493 in 2020.
To add to previously identified risks, IBM has warned that hackers are targeting enterprises moving to the cloud.
Not all analysts agree with the IBM assessment about cloud vulnerabilities and cybersecurity issues.
According to Next Pathway CEO Chetan Mathur: “IBM is spreading unwarranted fear. Yes, we live in a world of Cyber criminals; however, we have access to the technology, governance best practices and more recently political attention, to safeguard the cloud infrastructure that we all rely on.”
Mathur tells Digital Journal: “One of the silver linings of the pandemic is that the cloud industry is investing heavily in cyber security and automation to make it safe and reliable.”
In a direct response to IBM’s claims, Chetan also points out the following:
Targeting the cloud
The article focuses on a shift in cyber criminal’s efforts to the cloud, indicating a medium to long term shift (and investment) by these actors from on-prem to cloud attacks. In context, the threats remain and will rise in parallel to the increase in cloud adoption. We can stipulate this is true.
Cybercriminals are becoming more successful
There is no mention of an increase of successful exploitation or damages as a result and the reference to increased attacks on Linux apps does not reference actual successful attacks.
Legacy systems are vulnerable
There is no mention of the significant increase in in-depth security inherent in cloud environments, in that they are designed & built from the ground up to provide security. The critical point here is that many (or even most) of security weakness is due to older out of support systems which are easily exploitable.
The nature of the cloud is to maintain current systems automatically and the ability to rapidly patch and mitigate emerging threats with automation.
Cloud providers leverage economies of scale to invest heavily in security, as it is fundamental to cloud multi-tenancy and compliance to strict governmental regulation.