2024 DevOps Threats Unwrapped

Bitbucket experienced a decline in incidents in 2024, with 38 recorded cases compared to 48 in 2023, seeing a 21% decrease. However, the total downtime still amounted to over 207 hours with about half of the incidents classified by Atlassian as of major and critical impacts. The first quarter was the most disruptive, with 14 incidents lasting a total of 132 hours, and February stood out as the most active month with 10 incidents in total.

Last year, security remained a significant concern, with 20 high-severity vulnerabilities patched, all carrying a CVSS score above 7.4. Threat actors leveraged different schemes using ransomware and malware strains like BeaverTail and OtterCookie to steal data. Also, hackers exploited plaintext AWS authentication secrets exposed in Atlassian Bitbucket artifact objects in their attempts to breach accounts.

With a nearly 30% increase in the total number of incidents in Jira Software, Jira Work Management, and Jira Service Management, Atlassian experienced in 2024 - there were 132 issues recorded compared to 91 incidents in 2023. The most disruptive period was the fourth quarter with 44 incidents, while Q3 saw the highest number of critical issues, leading to Jira services being hard down for some time.

Security threats remained a major concern, with 45 vulnerabilities patched throughout the year - 77% of them in the second half alone. Among the most severe vulnerabilities was a critical SQL injection flaw with a CVSS score of 9.8, posing a significant risk of allowing an attacker to inject SQL under specific conditions. Hackers also targeted Jira users in persistent attempts to steal corporate data.

In 2024 GitLab saw an almost 21% increase in recorded incidents, 96 issues, in 2023 there were only 76 incidents. Critical issues made up about 7% of the total, 7 incidents, with a combined lasting time of over 798 hours… almost 100 working days! September was the most turbulent month, with 17 incidents recorded and impacting Git operations, API, CI/CD, etc. in different measures from service disruption to degraded performance.

Security was a key focus, with 153 vulnerabilities discovered and patched throughout the year. More than half - 83 flaws - were addressed in the first half of 2024 alone. One of the most severe threats was an authentication bypass vulnerability with a CVSS score of 10, which could have allowed attackers to log in as arbitrary users.

The number of incidents affecting Azure DevOps in 2024 reached over 110 recorded cases with the total performance degradation time exceeding 826 hours… It equals over 103 working days! The second quarter of the year was the most active in regard to incidents while Q3 saw the longest period of degraded performance, lasting over 555 hours. In August, a misconfiguration in an internal service using Azure Front Door led to a major outage impacting users across Latin and North America.

Security concerns also took center stage with a critical vulnerability that allowed attackers to manipulate server-side requests, impersonate trusted Azure services, and bypass network controls based on Service Tags. This flaw created a serious risk, potentially exposing internal assets, sensitive data, and services to unauthorized access.