Mumbai cloud server honeypot hit with more than 678,000 attempted attacks
Sophos announced the findings of its report, Exposed: Cyberattacks on Cloud Honeypots, which reveals that cybercriminals attacked one of the cloud server honeypots within 0:55:11 minutes of going live in Mumbai, India, which was second to Ohio, US, in the number of login attempts made, from a total of 10 honeypots placed worldwide. On average, the cloud servers were hit by 13 attempted attacks per minute, per honeypot. The honeypots were set-up in 10 of the most popular Amazon Web Services (AWS) data centres in the world, including California, Frankfurt, Ireland, London, Mumbai, Ohio, Paris, Sao Paulo, Singapore, and Sydney over a 30-day period. A honeypot is a system intended to mimic likely targets of cyberattackers so that security researchers can monitor cybercriminal behaviours.
In the study, more than 5 million attacks were attempted on the global network of honeypots in the 30-day period, demonstrating how cybercriminals are automatically scanning for weak open cloud buckets. If attackers are successful at gaining entry, organizations could be vulnerable to data breaches. Cybercriminals also use breached cloud servers as pivot points to gain access to other servers or networks.
Continuous visibility of public cloud infrastructure is vital for businesses to ensure compliance and to know what to protect. However, multiple development teams within an organization and an ever-changing, auto-scaling environment make this difficult for IT security.
Key features in Sophos Cloud Optix include:
- Smart Visibility - Automatic discovery of organization’s assets across AWS, Microsoft Azure and Google Cloud Platform (GCP) environments, via a single console, allowing security teams complete visibility into everything they have in the cloud and to respond and remediate security risks in minutes
- Continuous Cloud Compliance – Keeps up with continually changing compliance regulations and best practices policies by automatically detecting changes to cloud environments in near-time
- AI-Based Monitoring and Analytics - Shrinks incident response and resolution times from days or weeks to just minutes. The powerful artificial intelligence detects risky resource configurations and suspicious network behaviour with smart alerts and optional automatic risk remediation
Sophos Cloud Optix leverages AI-powered technology from Avid Secure, which Sophos acquired in January 2019. Founded in 2017 by a team of highly distinguished leaders in IT security, Avid Secure revolutionized the security of public cloud environments by providing effective end-to-end protection in cloud services, such as AWS, Azure and Google.
Pricing and availability details are available from Sophos Partners worldwide.