Aqua Security has been able to conclude after a one-year examination that the majority of cyber attacks launched against cloud servers were intended for secret crypto mining. This signals that hackers are now interested in crypto mining with malware, more than other cyber threats. For this reason, they have diversified and improved their intrusion methods.
Hackers now interested in crypto mining
Aqua Security is a leading pure-play cloud native security firm based in Israel. The cybersecurity computer published a 70-page ‘Threat Report’ on cloud servers, which it began tracking and analyzing from June 2019 and July 2020 on cloud honeypot servers. With about 16,371 attacks analyzed, the company disclosed that hackers are more interested in breaking into cloud servers for crypto mining purposes.
At the beginning of the year, hackers heightened their efforts to break into cloud systems, as the cybersecurity firm noted a 250 percent surge in attacks. During the time, the majority of the hackers’ actions were purported to enable them to gain control of honeypot servers, after which they will try to deploy container images with malware onto the server.
As Aqua Security explained, a greater percentage of those images (about 95 percent) were maligned for crypto mining. Only a few of these images were intended for some other malicious purposes like setting Distributed Denial-of-Service (DDoS) infrastructure.
Hackers are improving their techniques
The company further noted that hackers have been improving their intrusion methods, including malware. They are now using more sophisticated techniques to attack servers which makes it almost impossible to be spotted using a signature-based security system, or through static analysis.
Head of Team Nautilus at Aqua, Idan Revivo, commented:
The attacks we observed are a significant step up in attacks targeting cloud native infrastructure. We expect a further increase in sophistication, the use of evasion techniques, and diversity of the attack vectors and objectives, since the widespread use of cloud native technologies makes them a more lucrative target for bad actors.
Security experts have been advised to step up their measures to intercept such attacks.
