Google Cloud Security has released its Threat Outlook for the first half of 2025
Cloud environments face an evolving threat from threat actors who prioritize data leakage, identity exploitation as a new perimeter, and adapt tactics to evade detection and attribution. This edition of the Google Cloud Threat Horizons report provides cloud security professionals with a deeper understanding of the threat through intelligence and actionable risk mitigations from Google's security experts. Ransomware and data threats in the cloud are nothing new. In February 2024, Google Cloud security and intelligence experts revealed trends in their Threat Outlook report, including threat actors prioritizing data exfiltration over encryption and exploiting server-side vulnerabilities.
Furthermore, our experts have cited ransomware incidents and data theft or associated risks in cloud environments in our previous 10 Threat Outlook reports. Despite the continued presence of ransomware and data theft risks, the trends we have observed in the latter half of 2024 reveal a worrying shift. Not only are threat actors improving their tactics, techniques, and procedures within cloud environments, they are also becoming more adept at concealing their identities.
This development makes it more difficult for defenders to counter their attacks and increases the likelihood of ransom payments. Recognizing our shared destiny in defending against evolving cloud threats, this Google Cloud Threat Horizons report provides timely analysis and actionable mitigations of recent ransomware and data theft trends identified by our security and threat intelligence experts that are disrupting them in today's threat landscape:
Risks to service accounts: Google Cloud research shows that service accounts with excessive privileges and lateral movement tactics represent increasingly significant threats, although credentials and misconfiguration issues remain common upon initial access. Identity Exploitation: Compromised user identities in hybrid environments can lead to persistent access and lateral movement between on-premises and cloud environments, subsequently leading to multi-faceted extortion. Cloud databases are under attack: Threat actors are actively exploiting vulnerabilities and weak credentials to access sensitive information. Increased Adaptability: Threat actors are taking advantage of ransomware-as-a-service (RaaS) offerings and adjusting tactics to evade detection and attribution. Diverse attack methods: The threat actor group we track as TRIPLESTRENGTH uses escalation of privilege, including charging fees to victims' billing accounts to maximize profits from compromised accounts. Threat actors are using increasingly sophisticated methods to steal data and extort organizations in the cloud: Threat actors are using Multi-Factor Authentication (MFA) bypass in cloud-based services to compromise accounts and aggressive communication strategies with victims to maximize their profits.
To stay ahead in 2025, a strong cloud security strategy must prioritize data leakage and identity protection. The report provides cloud security decision-makers with the latest information on threat actors' tactics and actionable mitigations to better guide cloud data security strategies.
The full report can be downloaded here: https://services.google.com/fh/files/misc/threat_horizons_report_h1_2025.pdf
Please join our community here and become a VIP.
Subscribe to the ITWIRE Update newsletter here
Join iTWireTV and our YouTube community here
Return to the latest news here
Virtual event for women in mining
Companies are looking to integrate AI into the mining process to future-proof their operations.
The recently formed Australian chapter of Women in Mining Operations (WIPM) is hosting a Zoom event from 1pm to 2pm on November 14 on the topic of using AI to improve operations.
WIPM is a community designed for women in mining. To strengthen their leadership, amplify their influence, and pave the way for mining together.
The event is hosted by Department Heads Kanika Goel, Ph.D., Claudia M., and Susana Zavaleta, with special guest speaker Jack Basley of global mining leader Celones.
Register for a Zoom event now!
Score!
Promote your webinar on ITWIRE
It's all about the webinars.
Marketing budgets are now focused on webinars along with lead generation.
If you want to promote a webinar, we recommend running a campaign at least 3 to 4 weeks before your event.
The iTWire campaign will include extensive advertising on our itwire.com news site, prominent newsletter promotion https://itwire.com/itwire-update.html, promotional news and editorial. Plus a video interview of the keynote speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in promotional posts on the iTWire home page.
Now we are out of Lockdown, iTWire will focus on helping with your webinars and campaigns and assisting with partial payments, extended terms, Webinar Business Booster Pack and other supporting software. We can also create your ads and written content as well as coordinate your video interview.
We look forward to discussing your campaign goals with you. Please click the button below.
More information here!
