Rising AI-Driven Cybersecurity Threats Target Business Cloud and Virtual Environments
AI-driven cyberattacks targeting business cloud and virtual environments are surging, prompting calls for companies to consolidate security tools and enforce stricter protection measures.
- 99% of security professionals reported attacks on AI systems in the past year.
- API attacks increased by 41%, exposing weaknesses in IAM practices.
- Warp Panda used Brickstorm malware to maintain persistent access to VMware environments.
- Fragmented security tools complicate effective incident response; 97% advocate tool consolidation.
- Strict access controls and network segmentation recommended to protect cloud and virtual systems.
Key details
German businesses face escalating cybersecurity challenges as AI-driven attacks increasingly target cloud infrastructures and virtual environments. According to a report by Palo Alto Networks, nearly all surveyed security professionals (99%) experienced at least one attack on their AI systems over the past year, highlighting a significant surge in risks. API attacks alone have risen by 41%, and 53% of respondents pointed to inadequate Identity and Access Management (IAM) practices as a critical vulnerability facilitating credential theft and data breaches.
The report underscores the need to consolidate cloud security tools, as companies currently manage an average of 17 tools from five different vendors, leading to fragmented and inefficient incident response. An overwhelming 97% of security experts advocate for integrating these tools and fully incorporating cloud and application security into Security Operations Centers (SOC) to enhance effectiveness.
Separately, CrowdStrike revealed targeted attacks on VMware vCenter and ESXi environments by the sophisticated threat group Warp Panda in 2025. Using malware such as Brickstorm and techniques like JSP web shells and implants named Junction and GuestConduit, Warp Panda maintains persistent and stealthy access to victims’ networks. The group exploits internet-facing edge devices, often via valid credentials or vulnerabilities, and moves laterally within networks using SSH and privileged accounts. They exfiltrate sensitive data, including Microsoft 365 content stored on OneDrive and SharePoint.
CrowdStrike recommends multi-layered defense strategies, including strict access controls, network segmentation, continuous monitoring of unauthorized activities, and SSH access restrictions to protect virtual environments.
The evolving cybersecurity landscape demands integrated, proactive approaches combining risk mitigation with rapid incident response. As static visibility and isolated measures fall short, enterprises must adopt comprehensive platforms like Palo Alto Networks’ Cortex Cloud to secure their cloud ecosystems and guard against increasingly sophisticated AI-enabled threats.
This article was translated and synthesized from German sources, providing English-speaking readers with local perspectives.