Sysdig Annual Threat Report Highlights Growing Cost and Scale of Cloud Attacks

OCTOBER 22, 2024

SHARE:

With a new focus on stealing cloud credentials and exploiting enterprise AI to the tune of $100,000+ per day, the “2024 Global Threat Year-in-Review” underscores how threat actors are weaponizing new cloud technologies


SAN FRANCISCO
– Oct 22, 2024 – Sysdig, the leader in real-time cloud security, today announced the release of the Sysdig Threat Research Team’s (TRT) “2024 Global Threat Year-in-Review.” The report, which Sysdig threat researchers derive from real-world adversarial operations and attack campaigns, highlights the evolution of threat attackers’ tactics, including a growing reliance on automation and new cloud technologies.

Report Highlights

  • $100,000+ lost per day to AI resource jacking: It didn’t take long for threat actors to leverage stolen cloud access to exploit large language models (LLMs), as illustrated by an LLMjacking attack that left one victim on the hook for $30,000 in just three hours. Left unchecked, an LLMjacking operation can cost more than $100,000 per day.
  • 500+ cryptomining instances launched in 20 seconds: While some cloud attacks deliver swift, high-impact financial blows, others are conducted more subtly. For example, while Meson Network attackers were able to automate more than 500 new cryptomining instances every 20 seconds using a compromised cloud account, other groups like RUBYCARP have been able to siphon victim resources for a decade.
  • 1,500+ victims’ credentials stolen using open source software: As the cloud evolves, so do attackers. For instance, less than one month after the release of the SSH-Snake research, CRYSTALRAY threat actors were discovered weaponizing the open source network mapping tool to harvest over 1,500 victims’ account credentials. 

“Proactive security programs should always assume compromise,” said Michael Clark, Head of Sysdig Threat Research. “Cyberattacks will continue, likely at a greater frequency, and prevention alone is simply insufficient as attackers’ means of defense evasion continue to mature. Resilience following a cyberattack will keep businesses moving, as cloud attacks will continue to become faster, more sophisticated, and more expensive year over year.”

The 2024 edition of the annual Sysdig Threat Research Report further illustrates the expanding attack surface and financial strain that organizations face. Given that the average cost of a public cloud breach has eclipsed $5 million and that cloud attacks have increased 154% year over year, Sysdig TRT projects that global cyberattacks will cost over $100 billion in 2025. 

Responsible for discovering and communicating information about the latest attacks, Sysdig TRT has tracked and exposed 15 novel threats in the last two years. Made up of an international group of cyberspies, the team’s experience ranges from the military and government to commercial and academic espionage work. The team’s research was also instrumental in informing the industry’s only cloud attack benchmark, the 555 Benchmark for Cloud Threat Detection and Response. Catch the team through the end of the year at one of their many speaking opportunities.


Resources


Media Contact


Damon Weinhold
[email protected]
+1 (415) 873-4772


Sysdig Logo

In the cloud, every second counts. Attacks move at warp speed, and security teams must protect the business without slowing it down. Sysdig stops cloud attacks in real time, instantly detecting changes in risk with runtime insights and open source Falco. Sysdig, rated #1 for CSPM in the Gartner Peer Insights “Voice of a Customer” report, correlates signals across cloud workloads, identities, and services to uncover hidden attack paths and prioritize real risk. From prevention to defense, Sysdig helps enterprises focus on what matters: innovation.

Sysdig. Secure Every Second.