Palo Alto Networks reveals magnitude of cloud misconfiguration risk to organizations


Palo Alto Networks threat intelligence team, Unit 42 has released the Unit 42 Cloud Threat Report 2H 2020, revealing significant risks to global enterprises adopting cloud workloads.

Key findings include:

  • Unit 42 researchers demonstrate the impact of cloud misconfigurations
    • During a Red Team exercise with a customer, Unit 42 discovered two critical AWS misconfigurations in less than one week that could have led to a multi-million dollar data breach. Palo Alto Networks helped the customer remediate the issue.
  • Cryptojacking is a growing cloud threat for organizations 
    • 23% of organisations globally that maintain cloud infrastructure are affected by cryptojacking (up from 8% in February 2018) — and poorly configured environments are most at risk.
  • Poor cloud security hygiene plague organizations
    • 62% of global organisations run GCP workloads with admin privileges; 47% of global organisations on AWS workloads don’t have MFA enabled for users. Both are examples of potential avenues for attackers to infiltrate an organization.