To understand the global impact of COVID-19 on the security posture of organizations, the Unit 42 cloud threat intelligence team analyzed data from hundreds of cloud accounts around the world between October 2019 and February 2021 (before and after the onset of the pandemic).
This report details the scope of COVID-19’s impact on the cloud threat landscape and explains which types of risks are most prevalent in specific geographies and industries. It also identifies actionable steps organizations can take to reduce the security risks associated with their cloud workloads.
Businesses were affected in the following ways:
- Spike in security incidents
Organizations experienced large expansions in the size of cloud workload deployments following the onset of the pandemic, but they also suffered an uptick in cloud security incidents.
- A decline in cloud cryptojacking
While the pandemic raged, cryptocurrencies such as Bitcoin (BTC), Ethereum (ETH), and Monero (XMR) grew in popularity and market value.
- Sensitive data in the cloud
Remains Publicly Exposed Our findings indicate that 30% of organizations expose some sensitive content to the internet, such as personally identifiable information (PII), intellectual property, and healthcare and financial data.
COVID-19’s Impact on Cloud Security by Region
The pandemic’s impact on cloud growth was evident in all global regions. Overall, Japan has had a slower rate of cloud adoption during COVID-19.
COVID-19’s Impact on Cloud Security by Industry
The scale of cloud workloads increased across virtually all industries, with energy being the only exception, likely due to weak demand and cuts in oil and gas production during the pandemic.
COVID-19 and Data Security
Businesses are favoring cloud storage due to its reliability, availability, and scalability. Our research shows that 64% of data in the cloud contains sensitive information.
Cloud, COVID-19, and Cryptocurrency
Although movements in the cryptocurrency market and security issues associated with that movement cannot be linked solely to the COVID-19 pandemic, our research reveals interesting connections between cryptocurrency, the cloud, and the impact of COVID-19.
Faced with this threat, organizations must build a cloud security program focused evenly around all phases of the software development lifecycle.
Doing this will enable organizations not only to win in the market but also to establish sustainable cloud security programs that can expand and contract no matter what types of unpredictable events take place in the future.
