Cloud Security Risks in India?

Tenable, the exposure management company, has released its Tenable Cloud Risk Report 2024, revealing alarming trends in cloud security that threaten organizations in India and globally. The report identifies a “toxic cloud triad” of risks—misconfigurations, excessive permissions, and critical vulnerabilities—that could lead to severe data breaches and significant financial losses.

The findings are based on an extensive analysis of billions of cloud assets across various public cloud environments, collected in the first half of 2024. The report highlights that nearly four in ten organizations (38%) have at least one cloud workload that is publicly exposed, critically vulnerable, and highly privileged, forming a trifecta of risk.

Rajnish Gupta, Country Manager at Tenable India, emphasized the urgent need for organizations to address these vulnerabilities: “With cyber risks spreading across every corner of the business, the threat level has become unsustainable. Organizations must understand toxic cloud triads and other risky combinations to mitigate potential threats.”

Key insights from the report include:

• Risky Access Keys: A staggering 84.2% of organizations have unused or outdated access keys that come with critical or high-severity excessive permissions, posing a significant security risk.

• Excessive Permissions in Cloud Identities: Analysis of major cloud platforms like AWS, GCP, and Microsoft Azure reveals that 23% of cloud identities, both human and non-human, have critical or high-severity excessive permissions.

• Persistent Critical Vulnerabilities: The report notes that CVE-2024-21626, a severe container escape vulnerability, remains unremediated in over 80% of workloads, even 40 days post-publication.

• Publicly Exposed Storage: A concerning 74% of organizations have publicly exposed storage assets, including sensitive data, often due to unnecessary permissions, contributing to increased ransomware attacks.

• Vulnerable Kubernetes API Servers: Approximately 78% of organizations have publicly accessible Kubernetes API servers, with 41% allowing inbound internet access and 58% having cluster-admin role bindings that grant unrestricted control over Kubernetes environments.

As organizations accelerate their cloud adoption, the findings serve as a stark reminder of the vulnerabilities inherent in cloud environments. The Tenable Cloud Risk Report 2024 underscores the importance of proactive measures to safeguard against potential breaches and protect sensitive data.