Cloud Identity Compromise - Driving 80% of 2025 Incidents
Basically, hackers used stolen login details to access cloud accounts and cause trouble.
A new report reveals that compromised cloud identities drove over 80% of security incidents in 2025. This alarming trend highlights the urgent need for stronger identity security measures. Organizations must act now to protect against these evolving threats.
What Happened
A recent report from Field Effect revealed that compromised cloud identities were responsible for over 80% of security incidents in 2025. This marks a significant change in how attackers operate. Instead of exploiting software vulnerabilities, they logged in using valid credentials. Earl Fischl, Director of Security Services, emphasized that identity has become the main target for cybercriminals.
Attackers have been using trusted collaboration tools like Microsoft Teams and Zoom to blend into normal business activities. One notable campaign involved impersonating IT help desks to trick employees into granting remote access. This tactic led to credential harvesting, lateral movement within networks, and even ransomware deployment.
Who's Being Targeted
Organizations of all sizes are at risk, particularly those utilizing cloud services heavily. Employees in companies using tools like Microsoft Teams and Quick Assist are prime targets. The report suggests that attackers are increasingly focusing on edge infrastructure, including VPN appliances and firewalls, often using reused credentials to gain access.
The rise of generative AI has also played a role, allowing attackers to scale their methods quickly. This means that even small organizations can become victims of sophisticated attacks, as the barriers to entry for cybercriminals continue to fall.
Signs of Infection
Organizations should be vigilant for signs of compromised identities. Some indicators include unusual login attempts, especially from unfamiliar locations, and unexpected requests for remote access. Employees might notice strange behavior in collaboration tools, like unsolicited messages from supposed IT personnel.
To mitigate these risks, businesses must enhance their identity security measures. This includes implementing multi-factor authentication (MFA) and regularly monitoring access logs for anomalies. Training employees to recognize phishing attempts and suspicious activity is also crucial.
How to Protect Yourself
Organizations can take several steps to strengthen their defenses against identity compromise. First, they should prioritize identity security by implementing robust authentication methods. Regularly updating passwords and educating employees about secure practices are essential.
Improving visibility into user activities can help organizations detect potential breaches early. By monitoring access patterns and employing security analytics, companies can identify and respond to threats more effectively. Fischl advises that while organizations cannot control the intent of attackers, they can significantly reduce opportunities for compromise through proactive security measures.
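The access-log monitoring described above (successful logins from unfamiliar locations, and watching access patterns per user) can be expressed as a small detection routine. This is an added example, not code from the report or from Field Effect; the CSV field names, the thresholds and the sample records are constructed assumptions.

```python
import csv
import io
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample sign-in log (not from the report); field names are assumptions.
SAMPLE_LOG = """timestamp,user,country,result,mfa
2025-03-01T08:02:00,alice,CA,success,yes
2025-03-02T08:05:00,alice,CA,success,yes
2025-03-03T08:01:00,alice,CA,success,yes
2025-03-03T09:10:00,alice,RO,failure,no
2025-03-03T09:12:00,alice,RO,success,no
2025-03-01T13:00:00,bob,US,success,yes
2025-03-04T13:30:00,bob,US,success,yes
2025-03-05T07:00:00,bob,GB,success,yes
2025-03-02T10:00:00,carol,DE,success,yes
"""

def flag_unfamiliar_logins(log_text, min_history=2, travel_window=timedelta(hours=2)):
    """Return alerts for successful sign-ins from a country new to that user."""
    rows = sorted(csv.DictReader(io.StringIO(log_text)), key=lambda r: r["timestamp"])
    seen = defaultdict(set)      # user -> countries with prior successful sign-ins
    history = defaultdict(int)   # user -> count of prior successful sign-ins
    last_ok = {}                 # user -> (time, country) of last successful sign-in
    alerts = []
    for r in rows:
        if r["result"] != "success":
            continue  # valid-credential abuse shows up as successful sign-ins
        user, country = r["user"], r["country"]
        when = datetime.fromisoformat(r["timestamp"])
        # Alert only once the user has a baseline, so first-ever logins are not flagged.
        if history[user] >= min_history and country not in seen[user]:
            reasons = ["new_country"]
            if r["mfa"] != "yes":
                reasons.append("no_mfa")
            prev = last_ok.get(user)
            if prev and when - prev[0] <= travel_window:
                reasons.append("rapid_location_change")
            alerts.append({"user": user, "time": r["timestamp"],
                           "country": country, "reasons": reasons})
        seen[user].add(country)
        history[user] += 1
        last_ok[user] = (when, country)
    return alerts

if __name__ == "__main__":
    for alert in flag_unfamiliar_logins(SAMPLE_LOG):
        print(alert)
```

Alerts that carry several reasons at once, such as a new country with no MFA shortly after a login elsewhere, are the ones to triage first; a new country alone is often legitimate travel.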
SC Media