Cloud and AI drive efficiency, but open doors for attackers

Cloud and AI drive efficiency, but open doors for attackers

AI adoption is increasing, with 84% of organizations now using AI in the cloud, according to Orca Security. But this innovation comes with new risks: 62% of organizations have at least one vulnerable AI package, and some of the most prevalent AI-related CVEs enable remote code execution.

AI adoption comes with new risks

“While multi-cloud architectures offer outstanding flexibility and growth, it also makes it harder to maintain consistent visibility and coverage across environments. Add AI adoption to the mix, with organizations rushing to run vulnerable packages in the cloud, and you have a uniquely difficult environment for security professionals,” said Gil Geron, CEO, Orca Security.

As organizations store more sensitive data in the cloud, the prevalence of data exposure is rising: 38% of organizations with sensitive data in their databases also have those databases exposed to the public. 13% of organizations have a single cloud asset that supports more than 1,000 attack paths.

Cloud assets are often neglected

As cloud adoption and cloud-native technologies expand, so too does the volume and severity of cloud risks. Nearly a third of cloud assets are neglected, and each asset contains on average 115 vulnerabilities. Both are two data points among many others illustrating this troubling trend.

The most neglected asset type is virtual machines (95% of organizations have at least one), while the most neglected operating system (OS) distribution is Ubuntu (88% of organizations have at least one instance). Additionally, findings show that more than a fifth of organizations are neglecting at least 40% of their cloud assets.

89% of organizations have at least one neglected cloud asset exposed to the internet, a 7% increase year over year. Industries particularly susceptible to public-facing neglected assets include:

  • Consumer & manufacturing — 97%
  • Technology — 94%
  • Public sector — 92%

Attack surfaces are expanding

76% of organizations have at least one public-facing asset that enables lateral movement, turning a single risk into an opportunity for broader compromise.

To illustrate, 36% of organizations have at least one cloud asset supporting more than 100 attack paths, giving attackers a direct route to endanger high-value assets.

Healthcare is the industry most susceptible to sensitive data exposure for databases, an alarming fact for organizations. The Health Insurance Portability and Accountability Act (HIPAA), for example, regulates the privacy of protected health information (PHI) in the US, and can impose fines up to $1.5 million for violations depending on culpability. Yet the risk appears to affect a significant proportion of organizations across all industries.

Cloud security risks aren’t confined to runtime environments, they often originate earlier in the application development lifecycle. 85% of organizations have plaintext secrets embedded in their source code repositories. If a repository is exposed, attackers can extract the secrets to access systems, exfiltrate data, and more.

Kubernetes usage and risks

Most organizations use Kubernetes in their cloud environments (70%), with adoption increasing YoY (15%). Of organizations using Kubernetes, 30% have at least one Kubernetes asset (e.g., workload, identity, configuration) that is publicly exposed. Like other cloud assets, public exposure increases the risk of unauthorized access and related security incidents.

Besides Kubernetes adoption, we also see a significant share of organizations with Kubernetes risks. One in every two K8 organizations have at least one cluster with an unsupported version of Kubernetes installed, leaving the cluster vulnerable to known exploits.

Additionally, 93% of K8 organizations have an overprivileged service account, which attackers can exploit to escalate privileges, access sensitive data, or disrupt the cluster.

“Traditional exposures, like neglected cloud assets and exposed sensitive data, continue to grow. At the same time, new challenges are emerging—from the rapid rise of non-human identities to a growing number of AI-related vulnerabilities,” said Melinda Marks, Practice Director, Cybersecurity, Enterprise Strategy Group.


Source link