Skip to content
Information Technology

Google Cloud Threat Horizons Report 2024 – new year, new cloud threat insights

Mandiant 3 mins read


Google Cloud has published its latest Threat Horizons Report, which provides intelligence-derived threat actor trends, expertise and recommendations to help inform cloud customer security strategies in 2024.

The Google Cloud Threat Horizons Report provides decision-makers with strategic intelligence about
threats to cloud enterprise users, along with cloud-specific research, based on intelligence-derived threat
actor trends and expertise from Google Cloud security leaders and practitioners. Most importantly, the report
delivers recommendations on mitigating these risks and improving cloud security posture from Google’s
intelligence and security teams, including Google Cloud’s Office of the CISO, Google’s Threat Analysis Group, Mandiant, and various Google Cloud product teams.

The report’s findings suggest that IT environments are facing an increase in threats, both in number and sophistication. Arguably the most notable highlighting however, is that issues specific to cloud providers were  often due to poor security hygiene or mis-configurations, rather than underlying vulnerabilities.

The full report can be read/downloaded here:

Summary of the report:

As the digital landscape evolves, so do the threats posed to cloud environments. 

Emerging Threats and Persistent Challenges:

The report underscores the persistence of credential abuse, cryptomining, ransomware, and data theft as top cloud security concerns in 2024. Threat actors are increasingly targeting cloud infrastructure, leveraging weak passwords and mis-configurations to gain unauthorised access. Cryptomining remains a lucrative endeavour for attackers, exploiting compromised cloud resources for financial gain. Additionally, ransomware attacks and data theft pose significant risks across all IT environments, necessitating robust data loss prevention strategies.


Addressing Evolving Tactics:

Threat actors are adapting their tactics, including manipulating and deleting security event logs to evade detection. Furthermore, espionage threat actors affiliated with the People's Republic of China are increasingly targeting cloud services amid widespread adoption globally. These evolving threats require organisations to prioritise security event logging and implement stringent access controls to safeguard sensitive data.


Preparing for Global Events:

High-profile global events in 2024 present attractive targets for threat actors engaged in malicious activities such as information operations and espionage. Weaknesses within cloud projects may be exploited to achieve malicious objectives. Thus, organisations must remain vigilant and proactively enhance their cloud security posture to mitigate risks associated with these events.


Strategies for Defence:

To counteract prevalent threats, organisations must prioritise strong security measures. Google Cloud offers various security features, including two-factor authentication (2FA), strong password policies, IAM policies, Cloud Audit Logs, and Security Command Centre. These tools empower organisations to monitor for suspicious activity, enforce access controls, and respond swiftly to security incidents.


Mitigating Ransomware and Data Theft:

Ransomware attacks and data theft incidents continue to target unprotected cloud storage services and mis-configured networks. Strengthening cloud asset management and data protection is imperative to mitigate these risks. Weak credentials, mis-configurations, application vulnerabilities, and third-party issues contribute to system compromises, emphasising the need for comprehensive security measures.


Real-World Incidents and Insights:

Recent incidents highlight the real-world consequences of inadequate cloud security practices. For instance, suspected ransomware actors breached Slovenia's largest power provider by exploiting unprotected cloud storage instances. Similarly, misconfigured servers during a data centre migration led to a ransomware attack on cloud-hosting firms, resulting in lost customer data.


Proactive Measures and Awareness:

Threat actors exploit vulnerabilities in cloud environments through sophisticated tactics such as probing weak storage bucket naming conventions. Organisations must prioritise proactive measures, including regular security assessments, employee training, and adherence to best practices to mitigate such risks effectively.



As cloud adoption continues to accelerate, ensuring robust security measures is paramount. The Google Cloud Threat Horizons Report provides valuable insights to inform actionable strategies for safeguarding cloud environments in 2024 and beyond. By implementing proactive security measures and staying abreast of emerging threats, organisations can enhance their resilience against evolving cyber threats.

More from this category

  • Information Technology, Internet
  • 19/07/2024
  • 18:29
Monash University

Monash expert: Global IT outage sparked by Microsoft’s Crowdstrike

A Monash expert is available to comment on reports of major IT outages across Australia. Professor of Practice Nigel Phair, Department of Software Systems & Cybersecurity, Faculty of Information Technology Professor Phair is currently overseas in Stockholm but available for comment via WhatsApp on +61 408 437 056 Impact of cybersecurity issues Governance of technology Intersection of technology, crime and society The following can be attributed to Professor Phair: “A major outage has occurred affecting a number of Australian and global organisations; it appears not to be malicious in nature, rather an error stemming from a network outage. The type…

  • Information Technology, Medical Health Aged Care
  • 19/07/2024
  • 16:57

Navigating Australia’s 5-year Data and Digital Strategy with Personalised Tech Solutions for Aged Care Providers

The Aged Care Data and Digital Strategy 1 unveiled by the Australian Department of Health and Aged Care aims to establish a digitally connected…

  • Contains:
  • Information Technology, Transport Automotive
  • 18/07/2024
  • 13:52
Charles Darwin University

CDU Expert: AI could improve e-scooter safety, but still has its own risks

18 July 2024 Who: Charles Darwin University sustainable transport solutions expert, PhD Candidate in Law, Ferdinand Balfoort. Ferdinand is completing his doctoral dissertation on the topic of distributive justice, sustainability and shared e scooters, focusing on the benefits and burdens of sustainable transport technologies. Topics: Regulatory frameworks for sustainable transport solutions including micro-mobility (e-scooters and e-bikes) Benefits (pros) of micro-mobility technology (GPS, IoT, AI, Telematics) including sustainability, and burdens (cons) including safety, in context of stakeholders. Carbon emissions accounting and life cycle assessments for transport modes including micro-mobility. Contact details: Call +61 8 8946 6721 or email to arrange…

Media Outreach made fast, easy, simple.

Feature your press release on Medianet's News Hub every time you distribute with Medianet. Pay per release or save with a subscription.