Introduction
Nowadays, most organizations have started moving to public clouds like AWS, Azure, or GCP. Working with the public cloud has its own advantages, but when dealing with sensitive data it is recommended to know the potential security threats and how to overcome them with best practices. Considering the promises and risks associated with public cloud computing, the Cloud Security Alliance (CSA) has created a set of cloud security standards.
This is the second article in a series on cloud security as a service. If you want to read the first article, refer to this blog.
Cloud Security Threats
System Vulnerabilities
System vulnerabilities are bugs in programs that attackers can use to damage a computer system, steal data, and take control of the software application. This is not a new type of bug; it has existed since the inception of information systems.
Vulnerabilities in the system and the operating system can create a lot of issues with data and software systems.
The business impact of system vulnerabilities on a software application is profound and costly, but the cost of protection is relatively small compared to other IT expenditures.
Account Hijacking
Account hijacking relies on various attack methods such as phishing, fraud, and new software vulnerabilities. In normal software applications, we keep using the same credentials and passwords, which is the main cause of such attacks. If an attacker gets access to that unchanged username and password, they can monitor the end user's transactions and activities and access information they are not authorized to see.
- Organizations should be aware of such attacks, and common defense techniques should be in place to handle any type of account hijacking issue.
- We can address these issues by enabling two-factor authentication and enabling tracing and audit logging.
- With stolen information such as a username and password, attackers can get access to critical information, which can cause a lack of trust and issues with regulatory compliance.
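The following added example (not from the original article) shows how the audit logging and two-factor authentication mentioned above can be combined to spot a likely hijacked account. The event fields, thresholds, and sample events are constructed assumptions, not any cloud provider's real log format.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample audit events; the field names are a hypothetical schema,
# not any cloud provider's real log format.
EVENTS = [
    {"time": "2024-01-10T08:00:00", "user": "alice", "country": "US", "result": "success", "mfa": True},
    {"time": "2024-01-10T09:00:00", "user": "bob", "country": "US", "result": "success", "mfa": True},
    {"time": "2024-01-11T02:00:00", "user": "alice", "country": "BR", "result": "failure", "mfa": False},
    {"time": "2024-01-11T02:01:00", "user": "alice", "country": "BR", "result": "failure", "mfa": False},
    {"time": "2024-01-11T02:02:00", "user": "alice", "country": "BR", "result": "failure", "mfa": False},
    {"time": "2024-01-11T02:03:00", "user": "alice", "country": "BR", "result": "success", "mfa": False},
    {"time": "2024-01-11T09:00:00", "user": "bob", "country": "US", "result": "success", "mfa": True},
]

FAIL_THRESHOLD = 3                    # failed attempts that make a later success suspicious
FAIL_WINDOW = timedelta(minutes=10)   # how far back failed attempts are counted


def flag_suspicious_logins(events):
    """Return (user, time, reasons) for successful logins that look like account hijacking."""
    baseline = defaultdict(set)    # user -> countries of earlier unflagged logins
    failures = defaultdict(list)   # user -> timestamps of failed logins since last success
    findings = []
    for ev in sorted(events, key=lambda e: e["time"]):
        ts, user = datetime.fromisoformat(ev["time"]), ev["user"]
        if ev["result"] != "success":
            failures[user].append(ts)
            continue
        reasons = []
        if not ev["mfa"]:
            reasons.append("no_mfa")
        if baseline[user] and ev["country"] not in baseline[user]:
            reasons.append("new_country")
        if sum(ts - t <= FAIL_WINDOW for t in failures[user]) >= FAIL_THRESHOLD:
            reasons.append("success_after_failures")
        failures[user].clear()
        if reasons:
            findings.append((user, ev["time"], reasons))
        else:
            # Only clean logins extend the baseline, so a hijacker's
            # location never becomes "known" for that user.
            baseline[user].add(ev["country"])
    return findings


if __name__ == "__main__":
    for user, when, reasons in flag_suspicious_logins(EVENTS):
        print(f"{when} {user}: {', '.join(reasons)}")
```

Because flagged logins never update the baseline, a user who legitimately travels keeps being flagged until an analyst confirms the new location.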
Malicious Insiders
- A malicious insider can be a current or former employee, a contractor, or another business partner who is authorized to access the organization's data but uses this information in a manner that negatively affects the organization, or who accesses more data than authorized for personal interest.
- The business impact of malicious insiders can be low, and sometimes the damage is not intentional. We can avoid such issues by clearly separating and isolating roles and the access they require at a granular and micro level.
- We can also create policies and enable detailed monitoring to resolve such issues.
Advanced Persistent Threats
- Advanced persistent threats (APTs) are a form of cyber attack that infiltrates systems to establish access to the cloud infrastructure of target companies, in order to reach data without authorization and smuggle out data and intellectual property.
- An advanced persistent threat tries to get access to the data over a period of time.
- IT departments should be aware of the latest advanced cyber security attacks that target companies and government organizations.
- Awareness programs across the organization will help avoid issues with APTs.
- Advanced persistent threats require more advanced security controls and process management, which can lead to an increased budget.
Data Loss
- For both consumers and businesses, data loss is considered a big threat.
- Data stored in the cloud can be lost due to various attacks.
- Accidental deletion by the cloud service provider or physical issues such as earthquakes can lead to permanent loss of data.
- Cloud consumers should review the data loss provisions and understand which entity is responsible for the data loss.
- The risk of relying on a provider to store, back up, and protect data must be considered.
Conclusion
In this article, we explored in detail security threats like System Vulnerabilities, Account Hijacking, and Malicious Insiders. We also explored their business impact and possible resolutions. In the next article in this series, we will explore other potential cloud security threats defined by the CSA.