Among Infrastructure as a Service (IaaS) users, 67 per cent were hit by ransomware globally this year, and 56 per cent experienced an increase in the volume of attacks on their organisation when compared to the previous year, a report revealed on Wednesday.
In addition, 59 per cent experienced an increase in the complexity of attacks, according to the report by cyber-security firm Sophos.
“Unpatched vulnerabilities and misconfigured resources are both preventable mistakes and avoidable risks that make life easier for attackers. Most attackers are not unstoppable criminal masterminds, but rather opportunistic cyberthugs looking for an easy payday,” said John Shier, a senior security advisor at Sophos.
“However, the survey also found that more advanced IaaS users are twice as likely to report a decrease in attack impact than beginners, suggesting the appropriate defence mechanisms can go a long way in deterring threat actors. For users who need help, we recommend security services that have the 24/7 experts who can detect and quickly respond to active attacks,” he added.
Moreover, only 37 per cent track and detect resource misconfigurations, and only 43 per cent scan IaaS resources for software vulnerabilities on a regular basis.
About 65 per cent of cloud users reported not having visibility of all resources and their configurations, and only 33 per cent said their organisation has the resources to continuously detect, investigate and remove threats in their IaaS infrastructure, the report added.