SCMagazine.com reported that “Hackers are using cloud service attacks as a way to go after big-money targets in the insurance and financial industries.” The September 11, 2024 article entitled “Hackers use cloud services to target financial and insurance firms” (https://tinyurl.com/ysr2z33d) included these comments:
The most common targets in the attacks are companies that work in the extremely lucrative financial and insurance sectors, suggesting the hacking crew is looking for a few big payouts before shutting down the operation.
The move is believed to be something of a departure from Scattered Spider’s usual tactics.
“Scattered Spider frequently uses phone-based social-engineering techniques like voice phishing (vishing) and text message phishing (smishing) to deceive and manipulate targets, mainly targeting IT service desks and identity administrators,” explained researcher Arda Büyükkaya.
“The actor often impersonates employees to gain trust and access, manipulate MFA settings, and direct victims to fake login portals.”
The researchers found the attackers using a number of methods for obtaining access to the cloud services. Among the most notable methods was searching services like GitHub to find cloud access tokens which had been accidentally left in source code by developers, which has become a growing problem for many companies.
Are you surprised?
First published at https://www.vogelitlaw.com/blog/nbspare-you-surprised-that-cloud-services-are-cyber-targets