cloud security threats and defenses


Go to Cloud Security 101 – Part 2 – Key Defensive Strategies >>>

There are general changes in cloud computing that are of interest, but security is such a fundamental concern for online business that it deserves its own attention. This two-part Cloud Security 101 piece looks essentially at the problem and the solution, answering these questions:

  • What are Cloud Security Threats in 2019?
  • How is Cloud Security Changing in 2019?

Key Cloud Security Threats

Numerous threats must be addressed by cloud providers and cloud customers to create a secure environment. Some of the key ones are described below. 

Denial of service

Any service can be targeted with a DoS attack, which is an effort to prevent the legitimate users of a service from being able to access it. Typically DoS attacks are accomplished via distributed denial of service (DDoS). The attackers force the cloud provider to consume a huge volume of resources from a barrage of bogus requests; in turn, systems can become incredibly slow or be forced offline.

Lack of appropriate due diligence

Due diligence is critical for executives as they compare different cloud service providers (CSPs), noted the Cloud Security Alliance. If due diligence is insufficient, it introduces various risks to the organization.

The insider threat

One critical element of security that is often forgotten is people. Individuals are ultimately a source of vulnerability; in healthcare, which is most at risk for this threat, more than half of breaches are caused by insiders, per one study. Building stronger technologies against external threats helps but does not protect against the threat of the insider. Incredibly, the threat from hackers on the outside could be outweighed by the threat posed within your staff (at least until that threat is properly addressed).

Ransomware

Ransomware attacks are going to continue to increase, suggested Kanti S. in Analytics Insight. Companies should combine strategic human intelligence with machine learning algorithms to better respond to cyberattacks. 

Data loss

As noted by the Cloud Security Alliance, you could experience data loss due to a malicious attack. Customer data could be permanently lost in the event of an earthquake, fire, or other physical catastrophe at a cloud service provider. This threat is mitigated by checking providers for data recovery and business continuity best practices so data backup is enforced. 

Shadow IT

One aspect of cybersecurity that seemed to receive greater discussion in the past, prior to vast incorporation of cloud services and policies to address it, is shadow IT. Shadow IT continues to be a massive problem, though. In fact, more than 4 in 5 employees say that they use apps that are not approved for use – i.e., the vast majority of people in the workforce are using shadow IT.

The individuals who do use apps that fall outside the organizational umbrella are simply trying to perform their jobs better; they are not trying to be negligent or malicious. The other aspect is that everyone wants to be independent and does not want everything they do to be watched. However, that oversight, from an organizational perspective, is central to security and compliance. You cannot apply software updates, perform backups, monitor access logs, or do any other management if you are unaware of the rogue apps. If IT is charged with data compliance and security, what is not under the oversight of IT is a threat. 

Operational technology (OT) systems attacks

Business operations are threatened by attacks on critical infrastructure, mining operations, and manufacturing plants. These attacks, which are becoming more common, are a threat to the lives and health of the general public and employees. Notably, OT systems cannot be protected using the same means as are used for information technology systems, as indicated by a November report in Security Boulevard. Even with air-gapping, you need more than a standalone solution. 

Advanced persistent threats (APTs)

In order to steal data, sometimes cybercriminals will deploy cyberattacks that behave similarly to a parasite. They first breach your system and create a foothold. From there, they can start taking away your data. Once the APT has been installed in your system, it is able to mix itself in with typical traffic and make lateral moves within your networks. In this manner, an APT can achieve the hackers' objectives over long periods of time, even evolving as it goes in order to thwart the security methods that are being adapted to defeat it.

Lack of compliance

One report found that at least one cloud storage service was publicly exposed in almost a third (32%) of companies. Many prominent breaches occur because these systems are improperly configured. A proper program and policies for governance and compliance can help you address the threat of risky cloud setups. Companies are starting to implement broader compliance throughout cloud to avoid this issue.

AI threats

To cloud as to other systems, AI is both friend and foe. Artificial intelligence has been on the rise lately, staving off the persistent idea that it will hit another AI winter, propelled by its applications in meeting business functions. AI is also growing because it is being utilized by cybercriminals. AI is important in developing the hackers’ evasion strategies, the moves they make to sidestep your efforts at detection and expulsion. AI will likely be used by cybercriminals to analyze areas they have infiltrated prior to implementing later-stage attacks, as well as to automate their target selection.

Hackers already have various ways to evade detection, and AI will bolster their efforts. Two other ways that cybercriminals avoid detection are through cryptomining and botnets, noted StateTech editor Juliet Van Agenen.

As criminals use the increasingly sophisticated threats that AI allows, organizations must in turn utilize the advantages of next-generation cybersecurity tools (including ones that leverage AI) to defend themselves.

AI tools that monitor user behavior and devices, signaling when they find anything irregular, will be released during 2019 and refined in the years ahead.

Malicious or abusive use of cloud

Cyberattacks become more possible when payment application fraud, bogus account creations, free cloud trials, and poorly configured cloud servers all expose companies to vulnerability, noted the CSA. Cloud resources could be used in phishing efforts, email spam, or distributed denial of service (DDoS) attacks. These campaigns might be used to hit cloud rivals, other organizations, or users.

Account hijacking

Attackers might be able to listen to transactions and activities, change data, send back fraudulent data, and direct clients to bogus websites. The attacker can use a service or account as a new base for attack via account hijacking. They are able to get into critical areas, where they can proceed to sabotage the availability, integrity, and confidentiality of the environment.

(Part 2 continued below.)

Your strong cloud security partner

Vulnerability management is a key upside to the cloud; any companies that already have their workloads within the public cloud benefit from stronger vulnerability management that is built into those systems. Cloud service providers are focused on updating their infrastructure and other systemic elements regularly, so hosting workloads in cloud provides access to their updating process and protocols.

However, strong vulnerability management and breach prevention in cloud requires due diligence. Due diligence is about selecting the right cloud providers so that your security is protected even better than you could achieve internally. At Total Server Solutions, our SSAE 16 Type II audit demonstrates our compliance with the highest standard in data security. See our security commitment.
