Key Takeaways from X-Force Cloud Threat Report

Key Points

  • The cloud market is projected to reach about $600 billion in 2024, accelerating the migration of critical data to cloud services and heightening the need for robust security measures.
  • Phishing accounts for roughly 33% of cloud‑related incidents, making it the leading initial‑access vector observed by X‑Force over the past two years.
  • Cross‑site scripting (XSS) vulnerabilities comprise 27% of newly discovered CVEs and are the most impactful category of common vulnerabilities and exposures, enabling attackers to steal tokens or redirect users to malicious sites.
  • Compromised or over‑privileged cloud credentials remain a major risk, with 28% of incidents involving legitimate credentials and continued demand for cloud credentials on dark‑web marketplaces despite overall market saturation.
  • Threat actors increasingly leverage trusted cloud file‑hosting services for command‑and‑control and malware distribution, and business‑email‑compromise attacks (39% of incidents) combined with misconfigurations—especially in Linux authentication settings—represent the top compliance failures in cloud environments.

Full Transcript

**Source:** [https://www.youtube.com/watch?v=OAoqX0iyE6Q](https://www.youtube.com/watch?v=OAoqX0iyE6Q)
**Duration:** 00:03:34

## Sections

- [00:00:00](https://www.youtube.com/watch?v=OAoqX0iyE6Q&t=0s) **Key Findings from IBM X‑Force Cloud Report** - The episode outlines the booming 2024 cloud market and summarizes the report’s seven takeaways, highlighting phishing as the leading access vector and cross‑site scripting as the most impactful vulnerability.

## Full Transcript
0:00 A look at the X-Force Cloud Threat Landscape Report and its seven key takeaways, all on this episode of IBM Tech Now.

0:10 With the cloud computing market expected to reach approximately 600 billion US in 2024, the adoption of cloud infrastructure continues to rise. Organizations are increasingly moving business-critical data from on premises to cloud infrastructure and services, driving the need for proper defensive measures and securing data in the cloud. Understanding the cloud threat landscape and its potential impacts on the business is essential for both IT and the C-suite.

0:38 That's why the IBM X-Force team gathers and analyzes data to produce the X-Force Cloud Threat Landscape Report. Now in its fifth year, the Cloud Threat Landscape Report provides a global cross-industry perspective on how threat actors are compromising cloud environments, the malicious activities they're conducting once inside compromised networks, and the impact it's having on organizations. In their data gathering and analysis, X-Force uncovered the most prevalent security risks organizations could encounter from threat actors in their cloud journey.

1:10 Here are the top seven takeaways. First, phishing is the leading initial access vector, accounting for 33% of all cloud-related incidents X-Force responded to over the past 2 years.

1:21 Second, cross-site scripting leads as the most impactful common vulnerability and exposure. XSS vulnerabilities composed 27% of newly discovered CVEs during the reporting period, which could allow threat actors to steal session tokens or redirect users to malicious web pages.

1:39 Third, there is a continued demand for cloud credentials on the dark web despite market saturation. While the overall mention of SaaS platforms on the dark web marketplaces decreased by approximately 20%, gaining access using compromised cloud credentials is the second most common initial attack vector.

2:00 Fourth, there's an increased use of trusted cloud-based file hosting services for malicious activities. More and more frequently, threat actors are leveraging trusted cloud-based services like Dropbox, OneDrive and Google Drive for command and control communications and malware distribution.

2:16 Fifth, 28% of cloud-related incidents involve the use of legitimate credentials to get into victim environments. Often these accounts are overprivileged, posing a significant security challenge for organizations.

2:31 Sixth, business email compromise attacks, where attackers spoof email accounts posing as someone within the victim organization or another trusted organization, accounted for 39% of incidents over the past 2 years.

2:41 And seventh, compliance failures harm the security of client cloud environments. The number one failed security rule in 100% cloud-only environments involved improper configuration of essential security and management settings in Linux systems. The number one failed security rule in environments where 50% or more of the systems are in the cloud involved the failure to ensure consistent and secure authentication and cryptography practices.

3:08 To download the full report and learn more, click the link in the description of this video.

3:15 Thanks so much for joining me today for this episode of IBM Tech Now. If you're interested in learning more about the topics I've covered, make sure you explore the links in the description of this video. And of course, please don't forget to subscribe to our channel to stay up to date on what's going on in tech now.

3:30 [Music]