Exposed Secrets: How forgotten credentials threaten India’s cloud security – CRN

By Anand Prakash, Sr. Director of Cloud Security at SentinelOne

In India, while 95% of the population accesses the internet via smartphones, only 9.9% use computers. This heavy reliance on mobile devices demands constant, on-demand access to vast amounts of data. To meet this need, companies have transitioned from physical servers to mega data centers, enabling always-on connectivity through cloud services. Amazon and Microsoft dominate India’s ₹93,500 Crore ($10.8 billion) cloud market, each holding about a 50% share. However, as cloud providers expand, so do the security challenges they face.

Last year, the final analysis of 2023 identified that developers committed 12.8 million secrets on public GitHub repositories– a 28% year-over-year increase. While we await 2024’s final numbers, the impact on India is expected to be significant as it remains the top targeted country for threat actors.

As we enter 2025, AI security within cloud environments has become the primary focus. Organisations increasingly depend on artificial intelligence to enhance their cybersecurity defenses, but this dependence introduces new vulnerabilities. Addressing AI-specific security concerns is essential for maintaining robust cloud infrastructures. Just as Chief Information Security Officers (CISOs) within large organisations began to manage their cybersecurity effectively and reduce associated business risks, they now must also contend with simple yet critical errors that can originate from cloud providers’ teams.

The Hidden Danger of Forgotten Credentials
One of today’s most insidious security threats is the inadvertent exposure of forgotten passwords or API keys embedded in code. Developers often use open-source software (OSS) and third-party libraries to speed up development, sometimes embedding non-secured credentials directly into the code. While convenient, this practice poses significant risks. Once the software is live, hackers can quickly discover and exploit these credentials, leading to data breaches where sensitive information is stolen or manipulated without immediate detection.

An example is when developers mistakenly publish secret access keys for AI services on public repositories like GitHub, allowing hackers to identify and discover these leaked API keys in minutes. The rapid exploitation can result in unauthorised access, data breaches, and substantial financial and reputational damage. Recent reports highlight the alarming frequency of such leaks, emphasising the urgent need for stricter credential management practices.

Impact on Cloud Security
In cloud environments, the consequences of forgotten credentials are amplified. Cloud platforms host vast amounts of interconnected data and services, meaning a single compromised credential can grant attackers access to multiple systems simultaneously– even if your application is otherwise secure.

This amplifies the impact of a breach in several ways. A single set of compromised credentials can provide access to various parts of the cloud ecosystem, allowing attackers to move laterally and escalate their access. Exploited credentials can lead to massive data breaches, exposing sensitive customer information, intellectual property, and proprietary business data. Specifically, in AI services, breaches may also reveal proprietary algorithms and confidential business strategies, harming both financial standing and regulatory compliance.

Unfortunately, exploited forgotten credentials have far-reaching consequences for both organisations and their customers. Businesses may face financial losses, damaged reputations, and legal issues due to exposed sensitive information. Customers risk identity theft, financial fraud, and privacy invasions, with breaches potentially affecting multiple platforms and services, complicating recovery efforts.

AI to the Rescue: Strengthening Cybersecurity
Traditional cybersecurity measures often lag behind the sophistication of modern threats.
In contrast, AI-driven cybersecurity tools not only detect and respond to forgotten credentials but also safeguard data privacy and secure AI infrastructures. These tools monitor data flows to ensure sensitive information is not inadvertently exposed to AI systems and identify vulnerabilities within AI infrastructure, providing a dual layer of protection against modern cloud security threats.

This is critical to keep front of mind as teams as teams understand the challenge at hand. For this reason, many companies are requiring that the cybersecurity partner they rely on offer:
⦁ Cloud Native Application Protection Platform (CNAPP): CNAPPs are tailored for cloud environments, offering comprehensive protection against threats like forgotten credentials. They integrate security functions such as vulnerability management, compliance monitoring, and threat detection into a single solution for cloud-native applications. Real-time visibility and automated responses help organisations quickly identify and mitigate risks.
⦁ AI-Driven Cybersecurity Solutions: These tools enhance traditional security measures with intelligent automation and advanced analytics. They process large volumes of data to identify subtle indicators of compromise, predict potential threats, and automate responses to anomalies. Leveraging large language models (LLMs), AI can explain vulnerabilities and outline the following steps, even for junior practitioners.
⦁ AI-Software Posture Management (SPM): SPM involves continuously scanning and monitoring the software environment to ensure secure configurations and vulnerability-free systems. AI-Enhanced SPM (AI-SPM) uses machine learning to correlate suspicious activities across networks and identify potential security gaps, providing comprehensive insights and automating vulnerability remediation.

Looking Ahead: The Future of AI-Driven Cloud Security
The intersection of AI and cloud security will become increasingly critical in the digital age. Organisations must prioritise AI security to protect data privacy and fortify AI infrastructures against emerging threats. By embracing AI-driven security solutions and adhering to best practices in credential management, businesses can navigate modern cybersecurity complexities and ensure a resilient, secure digital future.

Integrating these innovative solutions allows organisations to enhance their security postures, mitigate risks, and ensure the safe and seamless operation of their digital ecosystems. This protects their interests and contributes to the broader goal of maintaining a secure and trustworthy digital world for everyone.