Hackers try to breach Singapore cloud servers over 310,000 times

Hackers try to breach Singapore cloud servers over 310,000 times

Honeypot is a system intended to mimic likely targets of cyber attackers

Credit: Dreamstime

More than 310,000 logins per cloud server honeypot were attempted during a 30-day period in Singapore, at a rate of 13 attacks per minute.

That’s according to new findings from Sophos, which paint a damning picture of the state of security in the city-state, amid an increase in worldwide threats triggered by cloud adoption.

As explained in the report, a honeypot is a system intended to mimic likely targets of cyber attackers, so that security researchers can monitor cyber criminal behaviours.

Singapore housed a total of 312,928 attempted login attempts per honeypot during the period, occurring within 49 minutes of the honey pot going live.

“The aggressive speed and scale of attacks on the honeypots shows how relentlessly persistent cyber criminals are and indicates they are using botnets to target an organisation’s cloud platforms,” said Matthew Boddy, security specialist at Sophos.

Specifically, honeypots were set up in 10 of the most popular Amazon Web Services (AWS) data centres in the world, spanning California, Frankfurt, Ireland, London, Mumbai, Ohio, Paris, Sao Paulo, Singapore, and Sydney over a 30-day period.

During the timeframe, more than five million attacks were attempted on the global network of honeypots, with cyber criminals automatically scanning for weak open cloud buckets.

“In some instances, it may be a human attacker, but regardless, companies need a security strategy to protect what they are putting into the cloud,” Boddy added. “The issue of visibility and security in cloud platforms is a big business challenge, and with increased migration to the cloud, we see this continuing.”

In a bid to combat such threats, the vendor is turning to the channel to deploy Sophos Cloud Optix, a new solution which leverages artificial intelligence (AI) to highlight and mitigate threat exposure in cloud infrastructures.

“Instead of inundating security teams with a massive number of undifferentiated alerts, Sophos Cloud Optix significantly minimises alert fatigue by identifying what is truly meaningful and actionable,” added Ross McKerchar, CISO of Sophos.

“In addition, with visibility into cloud assets and workloads, IT security can have a far more accurate picture of their security posture that allows them to prioritise and proactively remediate the issues flagged in Sophos Cloud Optix.”

Tags sophos

Show Comments