We spoke with Jeannette Lee Heung, Senior Director, Global Channel and Ecosystems at Aqua Security, a pioneer in cloud native security, today published its 2023 Cloud Native Threat Report, which summarizes research and observations in the last year by Aqua Nautilus threat researchers. Based on analysis of actual attacks in the wild, the report provides security practitioners insight into threat actors’ changing tactics, techniques and procedures in order to better protect their cloud environments.
The report covers three key areas: software supply chain; risk posture, which includes vulnerabilities and misconfigurations; and runtime protection. Of the many findings, one of the most significant demonstrates that threat actors are heavily investing resources to avoid detection to establish a stronger foothold in compromised systems. Nautilus research found that — compared to findings in the 2022 Cloud Native Threat Report — there has been a 1,400% increase in fileless or memory-based attacks, which exploit existing software, applications, and protocols to perform malicious activities.
In fact, threat actors are using many techniques to conceal their campaigns. Aggregated honeypot data collected over a six-month period showed that more than 50% of the attacks focused on defense evasion. These attacks included masquerading techniques, such as files executed from /tmp, and obfuscated files or information, such as dynamic loading of code. These findings illustrate the critical importance of runtime security.
The report also highlighted Nautilus research into software supply chain risk. The report illustrates various areas in the cloud software supply chain that can be compromised and pose a significant threat to organizations. In one specific use case, Nautilus demonstrates the implications of misconfigurations in the software supply chain and how they can lead to critical threats. This is significant because organizations of all sizes are at risk for misconfigurations and even minor misconfigurations can have a serious impact.
Visit Aqua Security’s website at www.aquasec.com