Mcafee: Cyberattacks Target Enterprise Cloud

McAfee found a close link between an increase in attacks on cloud services used by various companies and the increased use of these services due to the digital transformation triggered by the pandemic.

Threats also exploit security holes caused by “Shadow IT”, so a new security solution that is capable of detecting them is needed, namely the Cloud Access Security Broker (CASB).

2020 is a year that has changed many things, from social restrictions to shifting most daily activities to the online realm. McAfee saw a 50 percent upward trend in enterprise cloud use in the first four months of 2020.

The increase was seen in collaboration services such as Microsoft 365 (123 percent), Cisco Webex (600 percent), Zoom (350 percent), Microsoft Teams (300 percent), and Slack (200 percent).

Meanwhile, according to IDC data, companies in Asia Pacific, especially in Indonesia, plan to increase cloud usage by more than 40 percent since the third quarter of 2020 in line with the acceleration of digital transformation within companies.

In 2021, with most companies implementing remote or remote work systems, the use of cloud platforms will also increase again.

The more cloud services companies use means more opportunities for cybercriminals, so the number of attacks also increases. By the end of 2020, McAfee Mvision saw a 630 percent spike in attacks on cloud accounts and services used by companies worldwide overall in some sectors.

These sectors include transportation (1,350 percent), education (1,114 percent), government (773 percent), manufacturing (679 percent), financial services (571 percent), and energy and utilities (472 percent).

McAfee predicts the attacks will start leveraging AI to increase effectiveness against thousands of home networks of workers. In addition, attackers will target companies and attack entire devices, networks and the cloud in this way in the coming months. 

Many companies are still busy fixing their cloud service operations, and this has the potential to create security holes. For example, there are companies that still stream cloud data through physical security devices in the data center, which actually slows down traffic and makes employees impatient and chooses shortcuts.

Most employees choose to do the easiest and fastest way to get the job done, and the term “shadow IT” is coined: for example turning off a corporate VPN, or storing data and using third-party applications.

Employees also have multiple devices, creating multiple connection paths to corporate cloud applications that the company IT administration must monitor one by one.

This increasingly high security workload prompted security service providers like McAfee to create CASBs in the form of Mvision Cloud. CASBs are implemented at the edge of the network and are used to monitor each connection of the cloud service and provide full visibility for the company.

“CASB, like other cybersecurity tools, is a part of IT cybersecurity that protects all parts of the company,” explained Jonathan Tan, Managing Director, Asia, McAfee.

“There are two broad lines that IT leaders must understand, namely that CASB is not a tool that is measured financially, and although CASB is able to provide full visibility to the cloud, the company still has to work closely with all stakeholders to provide education and policy dissemination to all employees to prevent and reduce “Shadow IT” and the risks it causes.