Cloud Security Awareness Starts Here

By Danish Wadhwa

AllCloud Blog: Cloud Insights and Innovation

As cloud computing has involved in most businesses, so cloud security awareness has become imperative to prevent cyber attacks and data breaches. Most of us use cloud computing services regularly. For instance, businesses use web-based email systems, such as Yahoo and Google to exchange messages; social networking sites like Facebook, LinkedIn, and Twitter to share information and stay in touch with friends; on-demand subscription services, such as Netflix and Hulu to enjoy TV shows and movies; cloud storages, like Humyo, ZumoDrive, and Dropbox to save any type of data online; collaboration tools, like Google docs to work in real time with many people on the same document; and online backup tools, like JungleDisk, Carbonite, and Mozy to backup our data to cloud servers.

Cloud computing has also been involved in enterprises; businesses rent services from cloud computing vendors to minimize operational costs and increase cash flow. For instance, the social news website, Reddit, rents Amazon Elastic Compute Cloud for their bulletin board service. SmugMug, the digital photo sharing website, rents Amazon Simple Storage Service for their photo hosting service.

The leading automaker, Mazda USA, uses Rackspace for their marketing advertisements. The HRLocker is the software company that rents Windows Azure for their human resources software service.

There is clear that the ease and low charges of cloud computing services have changed the way we deliver services, but the security risks related to cloud computing make us prone to cybercrimes that occur every day. Hackers deploy different techniques to gain cloud access without legal authorization or interrupt services on clouds to achieve specific objectives. Hackers could trick a cloud into treating their illegal activity as a right instance, therefore, achieving unauthorized access to the data in the cloud.

This article maps out about various cloud security threats that businesses are likely to face during theircloud journey.

ACCOUNT HACKING

Account hijacking is a security attack that involves the stealing of an individual’s account related to a service or computing device. During an account hijacking, an attacker tricks the victim to get personal information or confidential data. Generally, this type of attack is performed using phishing, guessing passwords, spoofed emails, and exploitation of software vulnerabilities. There are many cases where an email account is associated with other online services and those get undermined as well. The use of passwords again increases the impact of the cyber attack.

Cloud applications amplify the risk because if an attacker gets access to an account, he can track transactions and can even manipulate data. The attacked cloud service account becomes a base for the attacker, and the implications of an attack can be tough on an enterprise. Stolen credentials can help an attacker to easily get access to critical areas of cloud computing services undermining their availability, integrity, and confidentiality. Advanced Security strategies are required to deal with such attacks and to control the damage that data breaches cause. Two-factor authentication is the best solution to minimize the risk of account hijacking. Businesses should also implement a restrictive user access policy and restrict the sharing of account credentials between the different services.

DENIAL OF SERVICE

Denial of service is a security attack that affects cloud users by restricting them from accessing hosted applications. The attack compels the cloud service to consume system resources, such as disk space, processing power, or network bandwidth. This type of attack results in a non-responsive service leading to potential financial losses and destroys the reputation of the cloud provider. Cloud services on the Internet are commonly the target of Distributed Denial of Service (DDoS) attacks. The attacks can be DNS amplification attacks, SYN floods, asymmetric application-level attacks, and malformed UDP and TCP packets. During Asymmetric application-layer attacks, an attacker takes advantage of cloud resource vulnerabilities, like web servers and databases that help him or her to take out a service using a small payload.

Neustar examined the global outbreak of DDoS attacks throughout all sectors, but gave Healthcare IT News with a healthcare-specific report.

Its analysts found that DDoS attacks have increased by 13 percent since 2016 on the healthcare industry. Furthermore, the U.S. suffered 14 percent more attacks compared to its global counterparts.

Even more shocking, of the 2017 DDoS attacks on healthcare, 45 percent of all the organizations concluded that the attack was from an outside party. And of these attacked organizations, more than half were not informed by IT about it.

Businesses can detect DDoS attacks by tracking the traffic for significant amplification of the number of packets-per seconds. There are some cases where the service stays available for users, but the used bandwidth to get to the service can be consumed, leading to unworthy or unreachable service.

THREAT-ORIENTED INTERFACES AND APIs

Cloud customers can get access to a set of APIs provided by the cloud vendors to manage the cloud services. These interfaces are used for provisioning, orchestration, management and tracking. The security of the cloud services depend on this APIs security, and so they should be designed with security in mind to safeguard against attempts to circumvent the security policy.

There are some cases when security risks are instigated by the providers along with custom services that are developed on top of these interfaces. It is essential that cloud customers know the full extent of the security implications related to the management, using and monitoring of Cloud Services. A weak interface set poses cloud consumers to security threats associated with availability, integrity, and confidentiality of data. Various platforms ensure cloud security, and you can dive in deeper of cloud computing by taking training like AWS training from experts.

CLOUD SERVICES ABUSE

The cloud services abuse is a threat that emerges from the fact that an attacker can use large amounts of computing power for malicious purposes that range from cracking an encryption key to the staging of a DDoS attack. Cloud Service providers should consider this threat while developing the incident response strategy and the acceptable use policy that SaaS users, PaaS developers, and IaaS administrators can use for risk reduction.

SHARED TECHNOLOGY VULNERABILITIES

By sharing the infrastructure, platforms and applications, the cloud service providers are able to deliver their service in a scalable way. If the cloud infrastructure components do not offer isolation properties for applications or infrastructures being used by various clients, the cloud provider is posed to a new type of threat and vulnerabilities that exist in the shared technology. A single vulnerability can result in the compromise of the complete client portfolio of the cloud service provider. The virtual machine monitor or hypervisor is a computer software particular to cloud infrastructures that operate virtual machines. If an attack remains successful on this component, it has potential to expose the whole environment.

LACK OF DUE DILIGENCE

Businesses that plan to align with cloud technologies should know all of the aspects of such a cloud change.Cloud providers commit rational efficiencies and cost cuttings but this has to be done with the thorough understanding of the services and applications that exist in the cloud, or else companies expose themselves to various risks. Security issues crop up when developers who are not acquainted with the cloud computing are working on a cloud application. Sufficient resources must be given to performing due-diligence to under to know the risks of adopting the new computing model.

About the Author

Danish Wadhwa is a strategic thinker and an IT Pro. With more than six years of experience in the digital marketing industry, he is more than a results-driven individual. He is well-versed in providing high-end technical support, optimizing sales and automating tools to stimulate productivity for businesses.

Danish Wadhwa

Read more posts by Danish Wadhwa