Unit 42 research found that cloud-based security threats have surged nearly fivefold in 2024, with attacks on Identity and Access Management (IAM) tokens emerging as a primary concern, according to a report by Cyber Security News.
The report notes a 388% increase in cloud security alerts and a 235% rise in high-severity incidents, with IAM credentials frequently exploited for lateral movement and privilege escalation.
By December, cloud environments averaged over 200 alerts for remote command-line access using IAM tokens–up from just two in January.
Researchers also observed a 305% spike in suspicious cloud storage downloads and a 116% increase in “impossible travel” alerts.
Experts recommend deploying Cloud Detection and Response (CDR) tools alongside Cloud Security Posture Management (CSPM) to monitor threats in real time.
“The only real defense is to require cloud-based agents for publicly exposed and critical cloud endpoints,” the report states, emphasizing the importance of proactive security measures in combating evolving threats.
