Amazon Web Services is the most exploited cloud platform in 2022
As more and more consumers are shifting to cloud technologies, so are cybercriminals, and their eyes are aimed at the biggest market players.
According to the data presented by the Atlas VPN team, Amazon Web Services (AWS) suffered the most cloud-native exploits among cloud service providers as of April 2022. In total, it experienced 10 cloud-native exploits accounting for nearly a fifth (18.9%) of all such events in the first four months of this year.
Cloud-native threats refer to those cyber events that exploit the cloud in one or more stages of the kill chain. The numbers are based on the data collected by Hackmageddon. Data includes the main cloud-native threats reported from January through April of 2022.
A total of five services occupies the second place on the list. Microsoft OneDrive, Discord, Dropbox, Google Drive, and GitHub each endured five threats accounting for 9.4% of cloud-native exploits in the first four months of 2022.
Next up is Pastebin. Threats aimed at the service comprised 5.7% of cloud-native exploits as of April, followed by Microsoft 365 Suite and Microsoft Azure, each at 3.8%.
The rest of the services that fell victim include Adobe Creative Cloud, Blogger, Google Docs, Google Firebase, Google Forms, MediaFire, and Microsoft Teams. Each faced 1.9% of the threats.
Together all Microsoft services endured 18.9% of total cloud-native exploits within the first four months of the year, matching the exploit numbers of AWS, meanwhile Google — 15.1%.
The majority (64.8%) of exploits were aimed at delivering a malware strain or a phishing page. A total of 18.5% of the services were exploited as a command and control infrastructure. At the same time, 16.7% were aimed at stealing data or launching other attacks.
Amazon Web Services is leading the cloud infrastructure service market
While Amazon's AWS tops the charts as the most exploited cloud service provider, it also leads the cloud market at large.
According to the information provided by Finbold and Synergy Research Group, AWS accounts for nearly a third (33%) of cloud infrastructure service providers according to the Q4 2021 statistics — more than any other service.
Another victim of cloud-native exploits this year, Microsoft Azure, ranks second. It has a share of 21%. Meanwhile, Google Cloud rounds out the top three list with a share of 10%.
Cloud servers are an attractive target to cybercriminals due to the availability of various tools within the same application to deliver malicious content and the vast amount of sensitive data they hold. It is especially true when it comes to the market leaders as they have the biggest share of users.