Elastic report: Nearly 33% of cloud cyber-attacks use credential access

Watch the Low-Code/No-Code Summit on-demand sessions to learn how to successfully innovate and achieve efficiencies by upskilling and scaling citizen developers. Watch now.

The 2022 Elastic Global Threat Report found that nearly 33% of cloud-based attacks leverage credentials, indicating that users often overestimate the security of their cloud environments and, as a result, fail to adequately configure and protect them.

>>Don’t miss our new special issue: Zero trust: the new security paradigm.<

Key findings for the report focus on three primary trends: the role of human error in increasing cloud security risks, malicious use of commercial software, and endpoint attacks becoming more diverse due to the high effectiveness of most endpoint security software.

And while commercial adversary simulation software such as Cobalt Strike is useful for the defense of their environment by many teams, but also used as a malicious tool for massive malware implantation.


Intelligent security stop

On December 8, learn about the critical role of AI and ML in cybersecurity and industry-specific case studies. Register for your free pass today.

register now

Other findings from the Elastic report include:

Image source: Elastic.
  • 54% of all malware infections occurred on Windows endpoints, while 39% were on Linux endpoints.
  • The largest contributor of Linux-based malware/payloads was Meterpreter at 14%, followed by Gafgyt at 12% and Mirai at 10%.
  • CobaltStrike was the most popular malicious binary or payload for Windows endpoints with 35% of all detections, followed by AgentTesla at 25% and RedLineStealer at 10%.

Finally, more than 50 endpoint infiltration techniques are used by threat actors, suggesting that endpoint protection works well as its sophistication requires threat actors to constantly find new or new attack methods to be successful.


The report was created by elastic security labsthe company’s threat research, malware analysis, and detection engineering team, and compiled using telemetry from global deployments of Elastic Security from August 2021 to August 2022.

Read the full report of elastic.

VentureBeat’s mission is to become a digital city plaza where tech decision makers can learn about transformative business technology and execute transactions. Discover our Briefings.

Add Comment