2023 Global Cloud Threat Report: Cloud Attacks are Lightning Fast
Blog post from Sysdig
The 2023 Global Cloud Threat Report by the Sysdig Threat Research Team reveals the rapid pace and sophistication of cloud-based cyberattacks, highlighting that attackers are leveraging the complexity of cloud environments to evade detection and execute swift attacks. The report emphasizes the growing prevalence of cryptojacking, where attackers exploit cloud and container environments for cryptomining, causing financial losses for victims. It also discusses the security challenges in the software supply chain, revealing how malicious containers in public image repositories have been used for distributed denial-of-service campaigns, particularly in geopolitical conflicts like Russia's invasion of Ukraine. The telecommunications and financial sectors are identified as primary targets, with attackers using automation and stealth tactics, such as IP obfuscation and privilege escalation via AWS CloudFormation, to navigate cloud environments without detection. The research highlights the importance of runtime security controls, as traditional static analysis and vulnerability scanning miss a significant portion of malicious images. Additionally, the report suggests that as cloud-native tools and applications become central to networks and security, supply chain compromises will remain a critical focus for both attackers and defenders.