The attacks on cloud apps to the global companies have increased a 65% between september 2018 and February 2019, according to the study “Cloud Application Attack Snapshot; Q1 2019”, published by Proofpoint, Inc.
Talking about the place from where the attacks come, Nigeria is on the first place with a 40% of threats, followed by China, with a 26% according to the used Ips.
For that, the cyberattackers use sheer force tactics along with intelligence to decode passwords, and also sophisticated methods of phising which use is to attract the victims to click and reveal their authentification credentials, allowing like this to enter in the cloud apps, like Microsoft Office 365 and Google G Suite.
Once they gain access, the attackers usually advance positions inside the organisation, moving in a lateral way through internal phising messages to infect other users, obtain the confidential information and transfer funds illegaly.
The education sector is one of the most attacked, with the use of sheer force methods and more sophisticated phising tries. This area, and more specifically the students, are very vulnerables due to their remote user nature.
“ While the organisations are bringing to the Cloud their business critical functions, the cyberdelinquents get advantage of the inherited protocols that leave the users vulnerable at the time of using the Cloud apps”, explained Ryan Kalember, vice president executive of the Cybersecurity Strategy for Proofpoint.
“These attacks are focused in very specific individuals in the organisation and not in the infrastructure, being their reach and sophistication constantly growing. For that, we recommend the companies to establish a focused security strategy first in the Cloud, that prioritize the protection of the employees and educate them to be able to identify and report this advanced threats”.
These are some of the relevant data of the study, according in which method the cyberdeliquent uses:
Sheer force attacks:
- The spray type atatcks to IMAP passwords figure as the most and extended popular technique to compromise accounts from Microsoft Office 365. They’re produced when the attackers try to detect common passwords or recently leaked between lots differents at same time.
- The majority of these sheer force attacks come from China (53%), Brazil(39%) and USA(31%).
- More than the 25% of the examined Office 365 users have experienced unauthorized logins and a 60% have been objective from actively attacks. The success of these atatcks have been the 44% during the first term of 2019.
- Phising attacks in the clod apps have its origin mainly in Nigeria(63%), South Africa(21%) and USA through VPNs(11%)
- The attackers use to modify the resend rules of the emails or configure the email delegations to maintain access, The same way, they use VPN services to elude the conditional access and the authentification based on geolocation.