Machine identities such as access tokens and service accounts are being tipped as the next big target for cyber attacks.
According to Venafi's latest research report, The Impact of Machine Identities on the State of Cloud Native Security in 2024, 86% of organizations have had a security incident related to their cloud native environment within the last year.
As a result, more than half have had to delay an application launch or slow down production time, while 45% suffered outages or disruption to their application service. Three-in-ten said the incident meant that attackers could gain unauthorized access to data, networks, and systems.
Similarly, nearly nine-in-ten security leaders said they believe that machine identities – specifically access tokens and their connected service accounts – are the next big target for attackers.
More than half said they'd experienced a security incident related to machine identities using service accounts in the last year.
"A massive wave of cyberattacks has now hit cloud native infrastructure, impacting most modern application environments," said Kevin Bocek, chief innovation officer at Venafi.
"To make matters worse, cybercriminals are deploying AI in various ways to gain unauthorized access and exploiting machine identities using service accounts on a growing scale. The volume, variety and velocity of machine identities are becoming an attacker’s dream."
While access tokens used with service accounts topped the risk list with 56% of respondents, almost as many experienced incidents related to other machine identities, such as certificates.
Venafi attributed this to the growing complexity of cloud native environments, which makes it harder to manage and secure the machine identities that underpin access and authentication.
Three-quarters of security leaders agreed that humans are the weakest link in machine identity security, while 83% of teams say that failing to secure machine identities at the workload level renders all other security obsolete. =
Nearly seven-in-ten described delivering secure access between their cloud native and data center environments as a 'nightmare to manage', while 89% said they're experiencing challenges around managing and securing secrets at scale.
Notably, 83% said having multiple service accounts creates a lot of added complexity. Despite this, nine-in-ten agreed they make it easier to ensure policies are uniformly defined and enforced across cloud native environments.
"Attackers are increasingly zoning in on machine identities in cloud native technologies," said Bocek. "Security teams must prioritize machine identity security to the same degree as human identities."
AI poisoning a key concern
Elsewhere in Venafi’s report, more than three-quarters of respondents highlighted AI poisoning as a leading new software supply chain risk.
AI poisoning refers to techniques whereby AI data inputs and outputs are manipulated for malicious purposes.
"There is huge potential for AI to transform our world positively, but it needs to be protected," said Bocek.
"Whether it’s an attacker sneaking in and corrupting or even stealing a model, a cybercriminal impersonating an AI to gain unauthorized access, or some new form of attack we have not even thought of, security teams need to be on the front foot.
"This is why a kill switch for AI – based on the unique identity of individual models being trained, deployed and run – is more critical than ever."
Three-quarters are also worried about model theft and 73% concerned about the use of AI-led social engineering, while 72% are worried about provenance in the AI supply chain.
Despite this, six-in-ten said senior management has taken its focus off supply chain security in the last year.
