Security Incidents Target Cloud Databases
A recent security incident at Supabase and anecdotal reports of AI-infused DDoS attacks highlight the vulnerability of cloud-native database platforms. The incidents underscore the escalating cyber threats facing even trusted open-source and managed database services.
- A key vector in the Supabase incidents involved overly permissive API access controls and outdated dependencies, which accounted for 31% of reported exploits. Unauthorized access attempts reportedly rose by 43% in the quarter leading up to the incidents.
- One novel attack on Supabase involved an attacker using a malicious support ticket to inject instructions into an LLM-based agent, causing it to leak sensitive customer `integration_tokens`.
- AI-powered DDoS attacks represent a significant evolution from traditional volume-based attacks; they use AI to analyze a target's infrastructure in real-time and adapt attack patterns to evade detection.
- The cost of modern DDoS attacks is estimated to be around $6,000 per minute, with the average time to mitigate increasing as attackers use machine learning to make malicious traffic harder to distinguish from legitimate requests.
- AI is not just used for attacks; defenders are employing machine learning models like Support Vector Machines (SVM) and Random Forest to detect anomalies and malicious packets with high accuracy.
- The attack surface is not limited to database providers themselves; a 2024 incident saw a SaaS platform's customer data exfiltrated by exploiting broad database roles that were not configured with least-privilege enforcement.
- Responding to a breach within the first hour can reduce data loss by up to 60%, highlighting the need for automated monitoring of real-time query patterns and robust incident response plans.
- The accessibility of AI has lowered the barrier for attackers, allowing less-skilled actors to launch sophisticated, multi-vector campaigns that were previously the domain of advanced cybercriminal groups.