Cloud Computing has been growing at an exponential rate and today around 70 per cent of businesses have migrated partially or entirely to the off-site storage service. The cloud provides a wide range of benefits such as lower costs, higher flexibility, automatic software updates, increased collaboration, and the freedom to work from anywhere. Companies that adopt cloud technologies without being fully aware of the security risks involved open themselves up to numerous technical and financial risks. In this blog, let’s take a look at the top risks that come with migrating to the cloud.
The Cloud Security Alliance (CSA) has created its latest version of the Treacherous 12: Top Threats to Cloud Computing report in order to provide organizations with an up-to-date understanding of cloud security concerns so they can make educated decisions while adopting cloud strategies. CSA has created industry-wide standards for cloud security.
The top 12 critical issues are (ranked in order of severity):
A data breach is an incident where confidential information is accessed or stolen by unauthorized individuals. The extent of the damage caused usually depends on the nature of the exposed data. A report conducted by Ponemon Institute found that overall a data breach was three times more likely to occur for businesses that utilize the cloud than for those that don’t. The vast amount of data hosted on the cloud and the ease of access make it an attractive target.
Weak Identity, Credential and Access Management
Various attacks can occur due to a lack of scalable identity access management systems, failure to use multifactor authentication, weak password use, and poor management of keys and certificates. CSA says that malicious actors masquerading as legitimate users, operators or developers can read, modify and delete data; issue control plane and management functions; snoop on data in transit; or release malicious software that appears to originate from a legitimate source. As a result, insufficient identity, credential or key management can enable unauthorized access to data and potentially catastrophic damage to organizations or end users.
The security and availability of general cloud services depend on the APIs and interfaces used by the cloud providers. They are the most exposed part of the system, and their vulnerable nature can expose organisations to a variety of security threats. The UI must be designed so that it can protect against both accidental and malicious attempts to bypass or attack a system.
System and Application Vulnerabilities
System vulnerabilities are exploitable bugs in programs that attackers can use to infiltrate a computer system for the purpose of stealing data, taking control of the system or disrupting service operations. The impact of such bugs is profound and costly; however, such attacks can be mitigated with basic IT operations. Whenever common vulnerabilities and exposures (CVEs) are announced, organizations must be capable of providing patches to those bugs quickly.
User error or malicious attacks can cause an account to be hijacked. Once inside, hackers can eavesdrop on activities, modify data, or manipulate transactions. Intruders may even be able to redirect customers to inappropriate content or a competitor’s site. All of these malicious tactics are business damaging. Worst of all, should a malicious user gain access to your cloud account, they could launch further attacks from within the service, against the company or other users. Organizations should warn users against sharing their credentials and encourage them to use two-factor authentication.
A malicious insider such as a system administrator can access potentially sensitive information and can have increased levels of access to more critical systems and eventually to data. Insider threat does not always mean a disgruntled employee; it also includes human errors made by a system admin or a contractor. This threat can be diminished by implementing proper policies, segregating duties, minimizing access by role, and effective logging, monitoring and auditing of administrators’ activities.
Advanced Persistent Threats (APTs)
Advanced Persistent Threats (APTs) are a parasitical form of cyberattack that infiltrates systems stealthily over extended periods of time to establish a foothold in the computing infrastructure of target companies from which they smuggle data and intellectual property. The common points of entry for APTs are spearphishing, direct hacking systems, delivering attack code through USB devices, penetration through partner networks and use of unsecured or third-party networks. In spite of being difficult to detect and eliminate, some APTs can be stopped by staff training and proactive security measures.
Data on cloud services can be lost through a malicious attack, natural disaster, or a user forgetting their encryption key value. Information is the single most valuable asset most companies possess. CSA says that cloud consumers should review the contracted data loss provisions, ask about the redundancy of a provider’s solution, and understand which entity is responsible for data loss and under what conditions.
Insufficient Due Diligence
Companies put themselves at risk by blindly following the trend of migrating to the cloud and not doing proper research about the risks that it might pose. The bottom line for enterprises and organizations moving to a cloud technology model is that they must perform extensive due diligence to understand the risks they assume by adopting this technology model and engaging the suppliers who provide it, CSA says.
Abuse and Nefarious Use of Cloud Services
Cloud services could be used by malicious users to launch DDoS attacks, run phishing campaigns or host malicious/pirated content. Abuse of cloud services is one threat that is the sole responsibility of the Cloud Service Providers (CSPs). A CSP must have an incident response framework to address the misuse of resources, as well as a means for customers to report abuse originating from a cloud provider. A malicious user can reduce the available cloud capacity for legitimate customers; thus a provider should include relevant controls to let the customer monitor their cloud workload.
Denial of Service
DoS attacks take advantage of vulnerabilities in web servers, databases or other cloud resources, allowing a malicious individual to take out an application. These attacks are either used to prevent users from accessing the application data or as a smokescreen for attacks taking place elsewhere. The key to handling DoS attacks is detection and mitigation.
Shared Technology Vulnerabilities
Cloud technology does not make substantial changes to the underlying hardware/software in order to deliver scalable services. The components might not provide the infrastructure and strong isolation properties required to support cloud services. This can lead to shared technology vulnerabilities that can potentially be exploited in all delivery models. Solutions to this threat include multi-factor authentication on all hosts, use of Intrusion Detection Systems (IDS) on hosts and networks, and keeping shared resources patched.
Cloud is indeed an exceptional way to manage individual and company data, but users need to have a better grasp on the risk they assume when migrating their website, business, or sensitive data to the cloud.