Cloud Fundamentals and Cyber Security Assessment -3

Security threats
1. Misuse of Cloud Computational Resources: Conducting cyber-attacks on computer systems requires a large amount of computing power, so hackers combine multiple computers to obtain it. Assembling that capacity used to be a complicated task that could take a few months to complete. Nowadays it can be done easily: a simple registration with a cloud computing service provider is enough to create powerful computing infrastructure. By using the computing power of cloud networks, hackers can therefore initiate attacks in a short period of time. Brute-force attacks and Denial of Service (DoS) attacks are examples of attacks that use the power of cloud computing. A brute-force attack is a technique for breaking passwords using powerful computing capability. A DoS attack attempts to interrupt a host or network resource so that authorized users cannot access it.
2. Data Breaches: Security threats may come from both inside and outside an organisation. The reasons for vulnerabilities on the inside are poor enforcement of roles, unclear roles and responsibilities, system or OS vulnerabilities, inappropriate physical security procedures, poor patch management and other application vulnerabilities. Cloud computing provides inexpensive services to users, such as powerful processing capability and large amounts of storage space, so companies can move their business into clouds and do not need to buy their own servers to store and handle customer information. For example, Dropbox provides a cloud storage service that lets customers store terabytes of data. However, sensitive data stored on clouds becomes an attractive target for online cyber theft. One example is what happened with the online retailer Zappos: around 24 million client accounts might have been compromised owing to the breach in their database. In the case of social networking sites (for example, Twitter, Facebook or LinkedIn), data stored on a cloud could be hacked. For example, the world’s biggest professional networking website, LinkedIn, reported that their password database was hacked in a security breach and around 6.5 million hashed passwords were stolen. Online cyber attackers can use stolen passwords to access users’ accounts as well as to launch malicious attacks on users. Online cyber theft also takes advantage of the computing power offered by cloud service providers to launch attacks.
3. Cloud Security Attacks: Internet users access application servers through a web browser, which receives dynamic web pages from web-based applications. These can be simple applications like an e-mail system or complex applications like an online banking system. These application servers are vulnerable to web-based attacks. According to reports, in 2011, web-based attacks increased by 36% with over 4,500 new attacks each day. These attacks include information leakage and improper error handling, failure to restrict URL access, broken authentication and session management, improper data validation, malicious file execution and insecure communications. There are two categories of cloud security attacks: the malware injection attack and the wrapping attack.
The following threats are generally observed in cloud computing and its adoption:
Misuse of Cloud Computing
Remedy:
• Strict initial registration and validation processes must be followed.
• Improved credit card monitoring and coordination need to be in place to detect fraud.
• Complete self-analysis of customer network traffic is essential.
• Monitoring public blacklists for one’s own network blocks can be helpful too.
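The last remedy above, checking public blacklists for addresses inside one's own network blocks, can be automated. The following is an added example, not part of the original page; the feed format, the comment markers and every address (RFC 5737 documentation ranges) are constructed assumptions.

```python
import ipaddress

# Constructed sample data: documentation ranges, not a real feed or real blocks.
OWN_BLOCKS = ["192.0.2.0/24", "198.51.100.128/25"]
BLACKLIST_FEED = """\
# constructed blacklist feed: one address or CIDR per line
203.0.113.7
192.0.2.45        ; reported for ssh brute force
198.51.100.0/24
198.51.100.10
not-an-address
2001:db8::1
"""

def parse_feed(text):
    """Yield (line_no, network) for each valid entry; skip comments and junk."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        entry = raw.split(";")[0].split("#")[0].strip()
        if not entry:
            continue
        try:
            # strict=False accepts a bare host address and treats it as /32 or /128
            yield line_no, ipaddress.ip_network(entry, strict=False)
        except ValueError:
            continue  # malformed line: ignore rather than abort the whole run

def listed_in_own_space(own_blocks, feed_text):
    """Return (feed line, listed network, own block) for every overlap."""
    own = [ipaddress.ip_network(block) for block in own_blocks]
    hits = []
    for line_no, net in parse_feed(feed_text):
        for block in own:
            # overlaps() also catches a listed range that is wider than our block
            if net.version == block.version and net.overlaps(block):
                hits.append((line_no, str(net), str(block)))
    return hits

if __name__ == "__main__":
    for hit in listed_in_own_space(OWN_BLOCKS, BLACKLIST_FEED):
        print("listed: feed line %d, %s overlaps own block %s" % hit)
```

A listing that covers a whole range (feed line 4 in the sample) is reported even though no single host of ours is named, because mail and reputation filters apply range listings to every address inside them.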
Insecure Application Programming Interfaces
Remedy:
• Evaluate the security model of cloud service provider interfaces to secure newly developed interfaces.
• Apply strong authentication and access controls in conjunction with encryption.
• Understand the dependency chain associated with the interfaces.
Malicious Insiders
Remedy:
• Implement strict management of the supply chain and conduct a complete supplier assessment.
• Specify HR requirements as part of legal contracts when hiring employees for cloud services.
• Assure transparency into overall information management practices as well as compliance reporting.
• Control security breach announcement processes.
Shared Technology Vulnerabilities
Remedy:
• Implement security best practices for the installation of software and structure.
• Monitor the whole environment for unauthorized changes or activity.
• Promote strong authentication and access control for administrative access and operations.
• Enforce service level agreements (SLAs) for vulnerability finding and patching.
• Regularly conduct vulnerability scanning and configuration audits.
Data Loss/Leakage
Remedy:
• Implement strong application-level interface access control.
• Encrypt data in transit and protect its integrity.
• Analyse data protection at both design time and run time.
• Enforce strong key generation, storage and management, along with destruction practices.
• Specify provider backup and retention strategies clearly in the contract.
Account, Service & Traffic Hijacking
Remedy:
• Disallow the sharing of credentials between users and services.
• Apply strong two-factor authentication techniques wherever possible.
• Employ practical monitoring to detect unauthorized activity.
• Review cloud provider security policies and SLAs to understand the actual policies.
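The monitoring remedy above can be made concrete: one account logging in successfully from several source addresses within a short window indicates either shared credentials or a hijacked account. The following is an added example, not part of the original page; the log format, account names, addresses and the 10-minute window are constructed assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample auth log (assumed format): time, account, source IP, result
SAMPLE_LOG = """\
2024-05-01T09:00:05Z svc-backup 192.0.2.10 OK
2024-05-01T09:01:40Z alice 198.51.100.7 OK
2024-05-01T09:03:12Z svc-backup 203.0.113.50 OK
2024-05-01T09:04:00Z alice 198.51.100.7 OK
2024-05-01T09:05:30Z bob 192.0.2.77 FAIL
2024-05-01T09:30:00Z alice 203.0.113.9 OK
2024-05-01T09:31:00Z bob 203.0.113.9 OK
"""

def parse(line):
    """Split one log line into (timestamp, account, source IP, result)."""
    ts, account, ip, result = line.split()
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), account, ip, result

def shared_credential_alerts(log_text, window=timedelta(minutes=10)):
    """Flag accounts with successful logins from 2+ source IPs inside `window`."""
    recent = defaultdict(deque)  # account -> (time, ip) of recent successful logins
    alerts = []
    events = sorted(parse(l) for l in log_text.splitlines() if l.strip())
    for ts, account, ip, result in events:
        if result != "OK":
            continue  # failed logins belong to a separate brute-force rule
        seen = recent[account]
        while seen and ts - seen[0][0] > window:
            seen.popleft()  # drop logins that have aged out of the window
        others = sorted({old_ip for _, old_ip in seen if old_ip != ip})
        if others:
            alerts.append((ts.strftime("%H:%M:%S"), account, ip, others))
        seen.append((ts, ip))
    return alerts

if __name__ == "__main__":
    for when, account, ip, others in shared_credential_alerts(SAMPLE_LOG):
        print(f"{when} {account}: login from {ip}, also active from {others}")
```

In the sample only svc-backup is flagged; alice's second address appears 26 minutes after her last login and is treated as an ordinary change of location.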
Unknown Risk Profile
Remedy:
• Disclosure of important applicable logs and data.
• Complete disclosure of infrastructure details (e.g., patch levels, firewalls, etc.).
• Monitoring and alerting on necessary information.