Insikt Group's 2025 cloud threat landscape report identifies five major threat categories targeting cloud environments: exploitation and misconfiguration, cloud abuse, cloud ransomware, credential abuse and account takeover, and third-party compromise. Threat actors increasingly use cloud-native tools and legitimate services to execute attacks without traditional malware, abusing APIs, storage services, and CI/CD pipelines. Notable emerging trends include attackers registering their own cloud resources for attack chains, declining effectiveness of DDoS against cloud environments, and growing targeting of LLM and AI services hosted in cloud. The report provides detailed mitigation recommendations covering IAM hardening, supply chain security, network controls, monitoring, and backup protection strategies.
Table of contents
Examples in the WildSort: