Enterprise workloads are shifting to cloud and hosting environments in ever greater numbers and attacks that have historically targeted on-premises environments are following them, according to a new report.
But while attacks on cloud environments have increased significantly in frequency and are becoming as diverse as those targeting on-premises data centers, the data also reveal that the cloud is not inherently less secure than traditional on-premises environments.
"Cloud deployments are no less secure than your own data centers," says Stephen Coty, chief security evangelist at Alert Logic, a provider of managed security services for on-premises data centers as well as hosting and cloud service providers. "That's what the numbers are really showing across the board."
Alert Logic this week released its Spring 2014 Cloud Security Report, the latest in a series of cloud security reports it began releasing in early 2012.
The Spring 2014 report is based on a combination of real-world security incidents captured in customer environments secured via Alert Logic's intrusion detection system (IDS) and honeypot data gathered using low-interaction software to emulate a vulnerable OS. The report draws from 232,364 verified security incidents (validated by a team of Global Information Assurance Certification (GIAC)-certified security analysts) that were identified from more than one billion events observed between April 1 and September 30, 2013.
Alert Logic says the customer set includes 2,212 organizations across multiple industries, located primarily in North America and Western Europe. Of those customers, 80 percent use cloud hosting provider (CHP) environments, while 20 percent represent on-premises data centers.
Attacks Have Increased Across All Incident Types
Alert Logic found that with a single exception, attacks have increased across all incident types malware/botnet, brute force, vulnerability scan, Web app attack, recon and app attack in both on-premises and CHP environments.
In CHP environments, brute force attacks (exploit attempts enumerating a large number of combinations in hopes of finding a weakness) increased from 30 percent of customers in the 2013 report to 44 percent of customers in the current report. Vulnerability scans (automated vulnerability discovery in applications, services or protocol implementations) increased from 27 percent to 44 percent in the same period.
The sole exception to the increases was app attacks (exploit attempts against applications or services not running over HTTP) in on-premises environments, which were experienced by 19 percent of on-premises customers in 2013 and 16 percent in 2014. On the CHP side, app attacks increased from 3 percent of customers to 4 percent of customers over the same period.
Coty notes that while brute force attacks and vulnerability scans have historically been far more likely to target on-premises environments, the data show that they are now occurring at near-equivalent rates in both CHP and on-premises environments. Likewise, malware/botnet attacks, which are the most prevalent form of incident for on-premises data centers (affecting 56 percent of customers), are on the rise in CHP environments; they now affect 11 percent of customers.
Sign up for Computerworld eNewsletters.