Written by Kirill Morozov — CTO & Chief Architect @ Cloudride
The worldwide pandemic has hugely affected businesses, the biggest challenge being the need for telecommuting. Numerous organizations have moved to the cloud much faster, and in many cases, this implies that the best security controls have not been implemented. Herein is an overview of the cloud security threats that may be identified as problematic in the upcoming months.
Cloud environments facilitate full adaptability when running virtual machines and creating instances that match any development capabilities needed. However, if not appropriately controlled, this flexibility can allow threat actors to launch attacks that give them long-term control over company data and assets on the cloud.
An example is how Amazon Web Services makes it possible for designers to execute a script with each restart of an Amazon EC2 instance. If malicious programmers figure out how to misuse an instance leveraging a corrupted shell script, they can have unauthorized access and use of a server for a long time.
The programmers can quickly move between the servers from that opening, corrupting, stealing, and manipulating data or using this as a launchpad for more sophisticated attacks. The first obvious solution: Administrators should configure the instances such that users must log in every time they access them.
Generally, such cloud environments’ agility is a significant shortcoming that businesses should watch out for. There are many chances of larger threats arising out of misconfiguration.
Data Breach and Data Leak
80 % of businesses surveyed in a 2020 data breach study confirmed that they had experienced a data breach in the previous 18 months.
A data breach is a mishap where the data is gotten to and extricated without approval. Data breaches may lead to data leaks where private information is found where it shouldn’t be. When organizations move to the cloud, many assume that the job of protecting their data falls on the cloud provider.
This assumption is not absurd. By transferring sensitive data to a third party, the cloud provider, in this case, is required to have robust security controls where the data will reside. However, the data owners have a role to play in their data safety and security as well.
Therefore, public cloud platforms use the “Shared Responsibility” model. The provider takes care of some layers of software and infrastructure security, but the customer is responsible for how they access/use their data.
Sadly, even though the public cloud providers make comprehensive information on cloud security best practices widely available, the number of public cloud data leaks continues to rise. The error is on the customer’s end; lack of proper controls and proper administrative maintenance, and poor configurations.
The threat of bots is real.
With increased automation today, bots are taking over computing environments, even on the cloud. But 80 % of these are bad bots, according to data by Global Dots. Threat actors could leverage bad bots to capture data, send spam, delete content or mount a denial-of-service attack.
Bots can use the servers they attack to launch attacks on new servers and users. As a form of advanced persistent threats, bots-as seen in attacks such as crypto mining-can take hostage an entire cloud asset to perform the functions of their malicious owners.
The risk with bot attacks isn’t just confined to loss of computing resources. Newer forms of crypto mining malware can extract credentials from unencrypted CLI files. Administrators should consider implementing a zero-trust security model.
Misconfiguration in the cloud
2020 and the years past have taught us many things concerning misconfigurations. For example, although As a default setting, Amazon S3 buckets are private and can only be accessed by individuals who have explicitly been granted access, Unsecured AWS S3 data buckets can cause costly data leaks. But this is not the only misconfiguration risk on the cloud.
Threat actors are leveraging the advantage of the cloud to cause expansive mayhem with a single compromise. It calls for companies to secure their servers, tighten access rules and keep an updated inventory of systems and assets on the cloud. If businesses don’t understand how to configure services and control access permissions, they expose themselves to more risks.
If you are reading this article, you are most probably already aware of the many advantages of the cloud environment, but security is a factor that cannot be overlooked at any given moment. Without the right security expertise, controls, and proper configurations, this environment poses significant risks as well. The good news is — they are preventable.
At Cloudride, we live and breathe cloud security. From AWS, MS Azure, and other ISV’s, we can help you migrate to the cloud faster yet securely, strengthen your security posture and maximize business value from the cloud.
Originally published at https://www.cloudride.co.il.