Nearly half of organizations have users with “long-lived” credentials in cloud services, making them more prone to being victimized in a data breach.
Long-lived credentials are authentication tokens or keys in the cloud that remain valid for an extended period of time, sometimes legitimately and sometimes not. They ultimately lead to major data breaches in which attackers have a prolonged open window to compromise credentials.
In Datadog’s 2024 “State of Cloud Security” report, the researchers found that long-lived credentials are a widespread issue across all major cloud services, including Google Cloud, Amazon Web Services (AWS), and Microsoft Entra. Not only that, but many of these credentials are unused, and they are often leaked in source code, where they can open access to images, build logs and application artifacts. Because they never expire, they become major security risks. The researchers found that 62% of Google Cloud service accounts, 60% of AWS IAM users, and 46% of Microsoft Entra ID applications have an access key older than one year.
Ultimately, organizations struggle to manage these kinds of credentials, especially at scale, so the researchers at Datadog recommend that long-lived credentials be avoided altogether in order to mitigate this issue.
“The findings from the State of Cloud Security 2024 suggest it’s unrealistic to expect that long-lived credentials can be securely managed,” said Andrew Krug, head of security advocacy at Datadog. “To protect themselves, companies need to secure identities with modern authentication mechanisms, leverage short-lived credentials and actively monitor changes to APIs that attackers commonly use.”