Insecure cloud-computing services can be a huge risk for organisations because they’re a regular target for cyber criminals. Researchers have demonstrated how vulnerable or misconfigured cloud services can be, after deploying hundreds of honeypots designed to look like insecure infrastructure, some of which lasted just minutes before being compromised by hackers.
Cybersecurity researchers at Palo Alto Networks set up a honeypot compromised of 320 nodes around the world, made up of multiple misconfigured instances of common cloud services, including remote desktop protocol (RDP), secure shell protocol (SSH), server message block (SMB) and Postgres databases.
The honeypot also included accounts configured to have default or weak passwords — exactly the sort of things that cyber criminals are looking for when trying to breach networks.
And it wasn’t long before cyber criminals discovered the honeypot and looked to exploit it — some of the sites were compromised in minutes while 80% of the 320 honeypots were compromised within 24 hours. All of them had been compromised within a week.
The most attacked application was secure shell, which is a network communication protocol that enables two machines to communicate. Each SSH