- Top Threats In Cloud Security - 07/02/2020
“Top Threats to Cloud Computing” provides the background organizations need to make refined risk management decisions regarding their cloud adoption strategies.
#Threat1 – Misuse of cloud computing:
PaaS providers have usually suffered most from this type of attack. Recent evidence shows that attackers have begun to target IaaS cloud providers as well. Future areas of concern for security include password and key cracking, Distributed Denial of Service, launching attacks against sensitive points, hosting harmful data, bots or botnets, building rainbow tables, command and control, and CAPTCHA-solving farms.
Examples: IaaS offerings have hosted the botnet known as Zeus, an information-stealing Trojan horse. Most of the time, this botnet is used with Microsoft Word and Adobe PDF reader exploits. Botnets have also used IaaS servers for command and control functions. As a result, the entire IaaS network (its IP addresses) gets publicly blacklisted and ultimately blocked.
#Threat2 – Insecure interfaces and APIs:
Cloud computing service providers expose a set of interfaces or APIs that customers use to interact with cloud services. Management, instrumentation, and monitoring are all performed through these interfaces. The security and availability of general cloud services therefore depend on the security of these basic software APIs. From authentication and access control to encryption and monitoring, these interfaces should be designed to protect against both unintended and malicious attempts to circumvent policy. Organizations and third parties regularly build upon these interfaces to offer value-added services to cloud customers. Generally, organizations surrender their credentials to those third parties in order to enable this.
Example: Unidentified access and reusable tokens or passwords, fixed access controls or inadequate authorizations, plain-text authentication or transmission of content, limited monitoring and logging capabilities, unknown service or API dependencies.
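The "reusable tokens" and "plain-text authentication" weaknesses listed above contrast with per-request signing, where the secret never travels and each request is valid once, for a short window. The sketch below is an added example, not code from the original post; the key, paths, nonce format, `Verifier` class and 300-second window are assumptions chosen for illustration.

```python
import hashlib
import hmac
import time

# Assumed values for illustration only.
SECRET = b"constructed-demo-key"   # per-client signing key, never sent on the wire
MAX_SKEW = 300                     # seconds a signed request stays valid


def sign(method, path, body, ts, nonce, key=SECRET):
    """Client side: bind the MAC to this exact request, time and nonce."""
    msg = "\n".join([method, path, hashlib.sha256(body).hexdigest(), str(ts), nonce])
    return hmac.new(key, msg.encode(), hashlib.sha256).hexdigest()


class Verifier:
    """Server side: reject stale, replayed or tampered requests; log each decision."""

    def __init__(self, key=SECRET):
        self.key = key
        self.seen = {}      # nonce -> request timestamp, kept for the freshness window
        self.audit = []     # (decision, method, path) records for monitoring

    def check(self, method, path, body, ts, nonce, sig, now=None):
        now = time.time() if now is None else now
        # Drop nonces older than the window so the cache stays bounded.
        self.seen = {n: t for n, t in self.seen.items() if now - t <= MAX_SKEW}
        expected = sign(method, path, body, ts, nonce, self.key)
        if not hmac.compare_digest(expected, sig):   # constant-time comparison
            decision = "bad-signature"
        elif abs(now - ts) > MAX_SKEW:
            decision = "stale"
        elif nonce in self.seen:
            decision = "replay"
        else:
            self.seen[nonce] = ts
            decision = "ok"
        self.audit.append((decision, method, path))
        return decision


def demo():
    v, t0 = Verifier(), 1_700_000_000  # constructed clock value
    body = b'{"action":"stop-instance"}'
    sig = sign("POST", "/v1/instances/42", body, t0, "n-001")
    return [
        v.check("POST", "/v1/instances/42", body, t0, "n-001", sig, now=t0 + 1),
        v.check("POST", "/v1/instances/42", body, t0, "n-001", sig, now=t0 + 2),
        v.check("POST", "/v1/instances/99", body, t0, "n-001", sig, now=t0 + 3),
        v.check("POST", "/v1/instances/42", body, t0, "n-001", sig, now=t0 + 900),
    ]
```

The four calls in `demo()` cover a fresh request, the same request captured and sent again, the captured signature attached to a different path, and the original request presented after the window has closed; the audit list records every decision, addressing the "limited monitoring and logging" item.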
#Threat3 – Malicious Insiders:
The threat of a harmful inside employee is well known to most organizations. This hazard is greater for consumers of cloud services because IT services and customers are merged under one management domain.
Example: A cloud service provider may not disclose how it grants employees access to virtual assets, how it monitors the logs of these employees, or how it analyses reports on policy compliance. Sometimes there is also no visibility into the employment standards and practices for cloud employees.
#Threat4 – Shared Technology Issue:
IaaS vendors provide their services in a scalable way by sharing infrastructure. Often, the fundamental components that make up this infrastructure, such as CPU caches, General Public Licenses, etc., were not designed to offer strong separation properties for a multi-customer architecture. To fill this gap, a virtualization hypervisor mediates access between guest operating systems and the physical computer resources. Even hypervisors have revealed flaws that have permitted guest operating systems to gain control of the platform. A defence-in-depth strategy is recommended and should include storage and network security enforcement and monitoring. Strong separation should be deployed to ensure that individual customers do not affect the operations of other customers working on the same cloud. Customers should not have access to other customers’ data, network traffic, etc.
#Threat5 – Data loss or leakage:
There are different ways to compromise data. Deletion or alteration of the original content without a backup is a good example of data compromise. A record from a larger context may become undiscoverable or unrecoverable, as it may be stored on unreliable media. Parties that are not authenticated must therefore be prevented from gaining access to sensitive information or data.
The threat of data compromise is greater in the cloud because of the number of interactions between risks and challenges that are either unique to the cloud or more dangerous because of the operational features of the cloud environment.
Example: Improper authentication, authorization, and audit (AAA) controls, inconsistent use of encryption and software keys, operational failures, etc.
#Threat6 – Account or service hijacking:
This is a very well-known threat. Attack methods such as fraud, phishing and exploitation of software vulnerabilities still achieve results. Authorizations and passwords are often reused, which strengthens the impact of such attacks. If a malicious hacker gains access to your credentials, they can eavesdrop on your actions and transactions, manipulate data, return forged information, and redirect your clients to illegal or illegitimate sites. Customer accounts and service instances may become a new base for the attacker, who may then leverage the power of your reputation to launch subsequent attacks.
#Threat7 – Unknown risk profile:
One of the advantages of Cloud Computing for customers is that they get to focus more on their core activities. This has financial and operational advantages. But software versions, code updates, vulnerability profiles, security practices, intrusion attempts, and security design are all important factors when assessing your company’s security architecture.