Trend Micro research found terabytes of stolen data sold in cloud logs, making cybercrime more widespread and effective
Trend Micro, a reference in cloud security, has identified a new type of cyber crime. Criminals are using cloud services and technology to accelerate attacks, which reduces the amount of time companies have to identify and respond to a breach.
Trend Micro Research found terabytes of internal business data and logins for popular providers like Amazon, Google, Twitter, Facebook and PayPal for sale on the dark web. This data is sold through access to the cloud logs in which it is stored. This results in more stolen accounts being monetized, and the time from initial data theft to stolen information being used against a company has decreased from weeks to days or hours.
"The new market for access to cloud logs ensures that stolen information can be used more quickly and effectively by the cybercrime community - this is bad news for corporate security teams," says Robert McArdle, director of threat research Trend Micro's future plans. “This new market shows how criminals are using cloud technologies to compromise you, which also means that a company is not protected from this method of attack if it uses only on-premises services. All organizations will need to double preventive measures and ensure that they have the necessary visibility and controls to react quickly to any incidents that occur. ”
As soon as access is acquired for stolen data logs based on the cloud, the buyer uses the information for secondary infection. For example, Remote Desktop Protocol (RDP) credentials can be found in these logs and are a popular entry point for criminals looking to attack companies with ransomware.
Storing terabytes of stolen data in cloud environments has the same appeal to criminal companies as to legitimate organizations. Cloud storage offers scalability and speed, providing greater computing power and bandwidth to optimize operations.
Access to these cloud data logs is generally sold by subscription for up to US$ 1,000 per month. Access to a single log can include millions of records, and higher prices are obtained for frequently updated data sets or the promise of relative exclusivity.
With immediate access to data in this way, cybercriminals can streamline and accelerate the execution of attacks and potentially expand the number of targets. The result is the optimization of cyber crime, ensuring that specialized threat agents in specific areas - for example, cryptocurrency theft or e-commerce fraud - can gain access to the data they need quickly, easily and relatively cheaply.
The Trend Micro study warns that in the future, such activity may even give rise to a new type of cybercriminal - a data mining expert who uses machine learning to improve pre-processing and information extraction to maximize its usefulness for buyers. The general trend will be the standardization of services and prices, as the sector matures and becomes more professional.
To see the full report, visit:
