close
close
newpress

Machine IDs are the next big cyber target, Venafi research has found

Posted on by Josh L
Machine IDs are the next big cyber target, Venafi research has found

Venafiand CyberArk the company today announced the results of its latest research report: The impact of machine identities on the state of internal cloud security in 2024. Surveying 800 security and IT decision makers from large organizations in the US, UK, France and Germany, this second annual report explores key computer identity security trends and issues affecting the state of cloud security today .

This year’s findings show that attackers are disrupting the native cloud environment with alarming regularity. 86% of organizations have experienced a security incident involving their cloud environment in the past year. As a result, 53% of organizations were forced to delay the launch of the program or slow down the production time; 45% experienced application service failures or crashes; 30% said attackers could gain unauthorized access to data, networks and systems.

Other key findings include:

  • Service accounts are the next threat boundary: 88% of security leaders believe machine identities, including access tokens and connected service accounts, are the next big target for attackers. More than half (56%) experienced a security incident last year involving machine identification while using service accounts.
  • Supply Chain Attacks Expected to Change AI: 77% of security leaders believe that AI poisoning will be the next attack on the software supply chain. Another 84% believe that supply chain attacks remain a clear and real threat. However, an alarming 61% say senior management focused on supply chain security last year.
  • Security and development teams continue to argue: 68% of security leaders believe that security professionals and developers will always be at odds, and 54% believe they are fighting a losing battle trying to get developers to put security first.

“The sleeping dragon has awakened: attackers are now actively exploring cloud infrastructure,” said Kevin Bocek, chief innovation officer at Venafi, a CyberArk company. “A massive wave of cyberattacks has now hit the cloud infrastructure, affecting most modern application environments. To make matters worse, cybercriminals are deploying artificial intelligence in a variety of ways to gain unauthorized access and exploit machine identities using service accounts on a growing scale. The volume, variety and speed of identity machines are becoming an attacker’s dream.”

AI threats loom on the horizon

Respondents also reported increasing pressure on cloud security as attackers attack these environments to compromise AI models and applications:

  • 77% are concerned about AI poisoning, where AI data input/output is manipulated for malicious purposes.
  • 75% are concerned about model theft.
  • 73% are concerned about the use of AI-based social engineering.
  • Another 72% worry about the origin of AI in the supply chain.

“There is enormous potential for AI to positively change our world, but it needs to be protected,” Bocek continues. “Whether it’s an attacker who sneaks in and damages or even steals a model, a cybercriminal who impersonates an AI to gain unauthorized access, or some new form of attack that we haven’t even thought of, the security team needs to be on foreground That’s why an AI switch based on the unique identity of individual models that learn, deploy, and run is more important than ever.”

The complexity of protecting machine identification information is increasing

The study also made it possible to understand in which areas organizations using cloud infrastructure experienced security incidents. Machine identifiers, such as access tokens used with service accounts, topped the list at 56%, but nearly as many (53%) experienced incidents involving other machine identifiers, such as certificates.

One of the reasons these incidents occur with such regularity is the increasing complexity of cloud environments. This creates new challenges for security teams to manage and secure the machine identities that underpin access and authentication in cloud environments:

  • 74% of security leaders agree that humans are the weakest link in machine identity protection. 83% of teams recognize that failure to secure machine identities at the workload level renders all other security measures obsolete.
  • 69% say that ensuring secure access between their cloud environment and data center is a “management nightmare,” while 89% face challenges in managing and protecting secrets at scale.
  • 83% believe that having multiple service accounts also complicates operations, but the majority (91%) agree that service accounts make it easier to uniformly define and apply policies in cloud environments.

Bochek concludes: “Criminals are increasingly focusing on the identity of machines in the cloud. Security teams must prioritize the security of machine identities as much as human identities. The great news is that secret management, certificate lifecycle management (CLM), and cloud security are available today. Automated end-to-end computer identity protection means businesses can improve their cloud security, ensuring operational stability and business growth.”

To read the full report, visit https://venafi.com/lp/cloud-native-security-report-2024/.

Additional resources: