What's Happening?
A recent report from ReliaQuest has highlighted identity failings and legacy vulnerabilities as significant contributors to the surge in cloud attacks. The report indicates that 44% of true-positive alerts in the third quarter of 2025 were linked to identity-related weaknesses, such as excessive permissions, misconfigured roles, and credential abuse. Threat actors are increasingly targeting the identity layer due to insecure storage of cloud keys and credentials, which often end up on cybercrime markets. These credentials can be purchased on the dark web for as little as $2, and typically have excessive permissions, allowing attackers to escalate access without detection. The report also points out that poor DevOps practices can lead to the systematic redeployment of legacy vulnerabilities, further exacerbating security risks.
Why It's Important?
The findings from ReliaQuest underscore the critical need for organizations to address identity management and legacy vulnerabilities to protect their cloud environments. With 99% of cloud identities reportedly over-privileged, the potential for unauthorized access and data breaches is significant. This situation poses a substantial risk to businesses, as attackers can exploit these vulnerabilities to gain access to sensitive information and disrupt operations. The report's emphasis on the role of poor DevOps practices highlights the importance of integrating security into the software development lifecycle to prevent the replication of vulnerabilities. Organizations that fail to address these issues may face increased financial losses, reputational damage, and regulatory penalties.
What's Next?
The report suggests that organizations need to enhance their security posture to mitigate these risks. This includes implementing stricter identity management protocols, reducing excessive permissions, and improving DevOps practices to prevent the redeployment of legacy vulnerabilities. Security teams are encouraged to adopt automated tools to manage the growing attack surface and vulnerability backlog effectively. As cloud infrastructure continues to expand, organizations must prioritize security measures to safeguard their assets and maintain trust with stakeholders.
Beyond the Headlines
The report raises concerns about the systemic risks associated with on-demand infrastructure deployments in the cloud. The race for speed and unclear ownership of risk remediation can lead to the perpetuation of vulnerabilities, creating an unmanageable attack surface. This highlights the need for a cultural shift within organizations to prioritize security alongside innovation and efficiency. Additionally, the report's findings may prompt discussions on the ethical implications of selling cloud credentials on cybercrime markets and the responsibility of cloud service providers in securing their platforms.











