Elastic report: Nearly 33% of cyberattacks in the cloud leverage credential access

Elastic report: Nearly 33% of cyberattacks in the cloud leverage credential access

Table of Contents

Check out out the on-need periods from the Reduced-Code/No-Code Summit to understand how to productively innovate and realize effectiveness by upskilling and scaling citizen builders. Enjoy now.

The 2022 Elastic World wide Risk Report uncovered that nearly 33% of attacks in the cloud leverage credential access, indicating that users generally overestimate the stability of their cloud environments and for that reason fail to configure and protect them adequately. 

>>Don’t pass up our new exclusive problem: Zero believe in: The new stability paradigm.<<

Key findings for the report are centered on three primary trends: the role of human error in increasing cloud security risks, commercial software being used maliciously and endpoint attacks becoming more diverse due to the high efficacy of most endpoint security software.

And while commercial adversary simulation software such as CobaltStrike is helpful to many teams’ defense of their environments, it is also being used as a malicious tool for mass-malware implants. 


Intelligent Security Summit

Learn the critical role of AI & ML in cybersecurity and industry specific case studies on December 8. Register for your free pass today.

Register Now

Other findings from the Elastic report include:

Image source: Elastic.
  • 54% of all malware infections were on Windows endpoints, while 39% were on Linux endpoints.
  • The largest contributor of Linux-based malware/payloads was Meterpreter at 14%, followed by Gafgyt at 12%, and Mirai at 10%.
  • CobaltStrike was the most popular malicious binary or payload for Windows endpoints with 35% of all detections, followed by AgentTesla at 25% and RedLineStealer at 10%.

Lastly, more than 50 endpoint infiltration techniques are being utilized by threat actors, suggesting that endpoint security is working well, as its sophistication requires threat actors to continually find new or novel methods of attack to be successful. 


The report was produced by Elastic Security Labs, the company’s threat research, malware analysis, and detection engineering team, and compiled using telemetry from worldwide deployments of Elastic Security from August 2021 to August 2022.

Read the full report from Elastic.

VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.

Related Post