Breaches 05-13-2016

Understanding the Threat Landscape When Using the Cloud

Elizabeth Baier

Many professionals are familiar with methods cybercriminals use to breach enterprise security, whether it is through phishing scams, DDoS attacks, social engineering, or another tactic. Cloud malware can be added to this list and is gaining more attention as more enterprises are using the cloud for business ventures.

Enterprises turn to the cloud as a convenient way to communicate, organize, and execute tasks. In 2015, there was four times as much external collaboration via public cloud applications and ten times as many files being stored in public cloud applications than in previous years. The "borderless" environment of the cloud opens companies to more opportunities for a breach, and it is crucial for organizations to consider the emerging threats associated with the cloud.

Common Threads with Attacks

It's common for an attacker to follow a pattern once he or she finds a backdoor that works. Even though companies deploy firewalls and other tools to defend against criminals, there are still ways to remain vulnerable. Usually an attacker will find an unsuspecting user and then deploy malware on the user's machine, who unknowingly just opened the door.

Next, the attacker establishes a control channel with the outside world and, at the same time, attempts to unload sensitive assets directly or even through lateral movement. Once complete, the attacker can manage the user's files even without the user using the application.

Preparing for Threats

Prepare for security threats to the cloud before your organization becomes a victim.

The Cloud Security Alliance (CSA) announced the “Treacherous 12” at RSA 2016, referring to the top 12 cloud computing threats organizations face this year. Here are six that stand out to us.

Data Breaches:  The CSA notes that breaches in the cloud usually happen due to poor authentication standards, weak passwords, and/or poor certificate management processes. Hacked Interfaces and APIs: Enterprises with weak interfaces and APIs open themselves up to confidentiality, integrity, availability, and accountability security issues. CSA points out that this area tends to be the most exposed part of a system. Exploited Vulnerabilities: Unpatched systems or exploitable bugs are a huge issue for cloud-using enterprises. "Basic IT processes" fix these issue; IT pros should make sure to do regular vulnerability scanning and patch bugs immediately. The APT Parasite: "Advanced persistent threats" include phishing, malware, and direct attacks. These are hard to find because they blend in, but awareness programs keep users informed and ready to combat when something is fishy. Cloud Service Abuses: Cloud services are often susceptible to DDoS attacks and result in downtime, loss in productivity, and lost data. Shared Technology, Shared Dangers: Vulnerabilities in shared technology (using the cloud) pose a significant threat. It takes just one vulnerability or misconfiguration in one host to compromise an entire network.

Using the cloud is inevitable, especially in the increasingly-connected business world. Therefore, enterprises must ensure they are protected from all angles of security, especially since the cloud environment has no borders and because cybercriminals are desperate to exploit it.

UP NEXT
PKI

3 Surprising Uses of PKI in Big Companies and How to Ensure They Are all Secure

5 Min

Featured Stories

12-04-2024

How artificial intelligence is reshaping digital trust

12-18-2024

Announcing the new open-source DCV library from DigiCert

How to spot a fraudulent website