Cloud Computing has been growing at an exponential rate and today. Around 70 per cent of businesses have migrated partially or entirely to the off-site storage service. Cloud provides a wide range of benefits such as lower costs, higher flexibility, automatic software updates, increased collaboration, and the freedom to work from anywhere. Companies sometimes adopt cloud technologies without being fully aware of the security risks. This leaves them involved open to numerous technical and financial risks. In this blog, let’s take a look at the top risks that come with migrating to the cloud.
The Cloud Security Alliance (CSA) has created its latest version of the Treacherous 12: Top 12 Threats to Cloud computing report. This report provides organizations with an up-to-date understanding of cloud security concerns so that they can make educated decisions while adopting cloud strategies. CSA has created industry-wide standards for cloud security.
The top 12 critical issues are(ranked in order of severity):
Data Breaches
Data Breach is an incident unauthorized individuals steal confidential information. The extent of damage caused usually depends on the nature of the exposed data. A report conducted by Ponemon Institute reported that overall data breaching was three times more likely to occur for businesses that utilize the cloud than those that don’t. The vast amount of data hosted on the cloud and the ease of access makes them an attractive target.
Weak Identity, Credential and Access Management
Various attacks can occur due to a lack of scalable identity access management systems, failure to use multifactor authentication, weak password use and poorly managing keys and certificates. CSA says that malicious actors masquerading as legitimate users, operators or developers can read, modify and delete data; issue control plane and management functions. They can snoop on data in transit or release malicious software that appears to originate from a legitimate source. As a result, insufficient identity, credential or key management can enable unauthorized access to data and potentially catastrophic damage to organizations or end-users.
Insecure APIs
The security and availability of general cloud services are dependent on the APIs and Interface used by the cloud providers. They are the most exposed part of the system and their vulnerable nature can expose organisations to a variety of security threats. The UI must be designed in a way that it can protect against both accidental and malicious attempt to bypass or attack a system.
System and Application Vulnerabilities
System vulnerabilities are exploitable bugs in programs that attackers can use to infiltrate a computer system for the purpose of stealing data, taking control of the system or disrupting service operations. The impact due to bugs is profound and costly. However, such attacks can be mitigated with basic IT operations. Whenever one announces common vulnerabilities and exposures(CVEs), organizations must be capable of providing patches to those bugs quickly.
Account Hijacking
User error or malicious attacks can cause an account to be hijacked. Once inside, hackers can eavesdrop on activities, modify data, or manipulate transactions. Intruders may even be able to redirect customers to inappropriate content or a competitor’s site. All of these malicious tactics are business damaging. Worst of all, should a malicious user gain access to your cloud account, they could launch further attacks from within the service. This could be against the company or other users. Organizations should warn users against sharing their credentials and encourage them to use two-factor authentication.
Malicious Insiders
A malicious insider such as a system administrator can access potentially sensitive information. They can have increased levels of access to more critical systems and eventually to data. Insider threat does not always mean a disgruntled employee. It also includes human errors made by a system admin or a contractor. This threat can be diminished by implementing proper policies, segregating duties, minimizing access by role, and effective logging, monitoring and auditing of administrators’ activities.
Advanced Persistent Threats (APTs)
Advanced Persistent Threats (APTs) are a parasitical form of cyberattack. It infiltrates systems stealthily over extended periods of time to establish a foothold in the computing infrastructure of target companies. Once it’s done they can smuggle data and intellectual property. The common points of entry for APTs are spearphishing, direct hacking systems, delivering attack code through USB devices, penetration through partner networks and use of unsecured or third-party networks. They are difficult to detect and eliminate. Although, staff training and proactive security measures can stop some APTs.
Data Loss
Data on cloud services can be lost through a malicious attack, natural disaster, or a user forgetting their encryption key value. Information is the single most valuable asset most companies possess. CSA says that cloud consumers should review the contracted data loss provisions. They must ask about the redundancy of a provider’s solution. They should understand which entity is responsible for data loss and under what conditions.
Insufficient Due Diligence
Companies put themselves at risk by blindly following the trend of migrating to the cloud. Moreover not doing proper research about the risks puts them in danger. The bottom line for enterprises and organizations moving to a cloud technology model is that they must perform extensive due diligence. In order to understand the risks they assume adopting this technology model and engaging the suppliers who provide it, CSA says.
Abuse and Nefarious Use of Cloud Services
Malicious users use cloud services to launch DDoS attacks, phishing campaigns or host malicious/pirated content. Abuse of cloud services is one threat that is the sole responsibility of the Cloud Service Providers(CSP). A CSP must have an incident response framework to address the misuse of resources. They must also have means for customers to report abuse originating from a cloud provider. A malicious user can reduce the available cloud capacity for legitimate customers. Thus a provider should include relevant controls to let the customer monitor their cloud workload.
Denial of Service
DoS attacks take advantage of vulnerabilities in web servers, databases or other cloud resources, allowing a malicious individual to take out an application. These attacks are either used to prevent users from accessing the application data or as a smokescreen for attacks taking place elsewhere. The key to handling DoS attacks is detection and mitigation.
Shared Technology Vulnerabilities
Cloud technology does not make substantial changes to the underlying hardware/software in order to deliver scalable services. The components might not provide the infrastructure and strong isolation properties required to support cloud services. This can lead to shared technology vulnerabilities that can potentially be exploited in all delivery models. Solutions to this threat include multi-factor authentication on all hosts, use of Intrusion Detection Sytems(IDS) on hosts & network and keeping shared resources patched.
Cloud is indeed an exceptional way to manage individual and company data. But users need to have a better grasp on the risk they assume when migrating their website, business, or sensitive data to the cloud.