Main threats
The Cloud Security Alliance (CSA), a not-for-profit industry organization that
promotes cloud-based security practices, recently updated its list of top threats
in a report entitled Cloud Evil: Top 9 Threats to Cloud Services in 2013.
The CSA indicates that the report reflects the consensus of experts
on the most significant security threats in the cloud and focuses on
threats arising from the sharing of cloud resources and on-demand access to
them by many users.
The report, released Monday, aims to help cloud users and cloud service
providers implement better risk reduction strategies.
So, the main threats ...
Data theft
Theft of confidential corporate information always scares organizations
with any IT infrastructure, but the cloud model opens
up “new, significant lines of attack”, CSA points out. “If the cloud database
with multiple leases is not properly thought out, then a flaw in the
application of one client can give crackers access to the data not only
of this client, but of all other users of the cloud,” warns CSA.
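
The design flaw CSA describes, shown on a small shared database. This is an added example, not code from the CSA report or from this article; the table, tenant names and function names are constructed for illustration. With one table shared by all tenants, a single handler that omits the tenant filter exposes every client's rows, while a store bound to the authenticated tenant cannot.

```python
import sqlite3

# Constructed sample data: two tenants sharing one table.
ROWS = [
    ("acme", 1, "acme payroll"),
    ("acme", 2, "acme contracts"),
    ("globex", 3, "globex customer list"),
]

def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE documents ("
        "tenant_id TEXT NOT NULL, doc_id INTEGER PRIMARY KEY, body TEXT NOT NULL)"
    )
    conn.executemany("INSERT INTO documents VALUES (?, ?, ?)", ROWS)
    return conn

def get_document_unscoped(conn, doc_id):
    """Weak design: each handler must remember the tenant filter; this one does not."""
    row = conn.execute(
        "SELECT body FROM documents WHERE doc_id = ?", (doc_id,)
    ).fetchone()
    return row[0] if row else None

class TenantStore:
    """Hardened design: the tenant is fixed once (from the authenticated session,
    an assumption of this example) and every query through the store carries it."""

    def __init__(self, conn, tenant_id):
        self._conn = conn
        self._tenant_id = tenant_id

    def get_document(self, doc_id):
        row = self._conn.execute(
            "SELECT body FROM documents WHERE tenant_id = ? AND doc_id = ?",
            (self._tenant_id, doc_id),
        ).fetchone()
        return row[0] if row else None

    def list_documents(self):
        rows = self._conn.execute(
            "SELECT doc_id FROM documents WHERE tenant_id = ? ORDER BY doc_id",
            (self._tenant_id,),
        )
        return [r[0] for r in rows]
```

The same request for document 3 made on behalf of tenant "acme" returns another tenant's data through get_document_unscoped and nothing through TenantStore("acme").
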
Any "cloud" has several levels of protection, each
of which protects information from a different type of "attempt".
Take, for example, the physical protection of the server. This is not even
about hacking, but about theft of or damage to media. Taking the
server out of the room can be hard in the truest sense of the word. In
addition, any self-respecting company stores information in data centers with
security, video surveillance and restriction of access not only to outsiders,
but to most of the company's employees. So the likelihood that an attacker
simply comes and takes information is close to zero.
Just as an experienced traveler, fearing robberies, does not store all the
money and valuables in one place, SaaS companies do not store all
information on one server. So hacking, even if it happens, becomes much less
painful. How does it threaten the user? Virtually not at all. As practice shows,
most often, when a server is hacked, a database of email addresses is stolen.
This means that the user will receive some spam in the mailbox. And that's it.
The second level of protection for “clouds” is protection
during data transfer. SaaS companies encrypt all traffic with the HTTPS
protocol, using an SSL certificate. So the data will be safe from the attempts
of traffic analyzers to intercept it.
Data loss
Data stored in the cloud may be stolen by cybercriminals or lost for another
reason, writes CSA. If the cloud service provider does not
implement proper backup measures, the data may be accidentally deleted by the
provider itself or destroyed in a fire or natural disaster. On the other hand,
a customer who encrypts data before uploading it to the cloud and then
loses the encryption key will also lose the data, CSA adds.
The fear is justified, but problems can be avoided by backing up. Companies
that care about customers and reputation automatically
copy the database at least twice daily. Thus, if the user contacts technical
support with a message about accidentally deleted but important files, they can
be restored.
Such a problem should also be addressed proactively on the part of the user.
It relates to the issue of coaching and computer literacy of
colleagues, as well as the restriction of access rights to change and delete
files.
Account Theft / Hacking Services
In a cloud environment, an attacker can use stolen registration information
to intercept data, tamper with it or return distorted data, and
to redirect users to malicious sites, CSA writes. Organizations should prohibit
employees from sharing their registration data with other employees and from
using the same password for all services. Robust two-factor authentication
should also be implemented to reduce risk, CSA recommends.
Unprotected Interfaces and APIs
Weak software interfaces or the Application Programming Interface (API) used
by customers to manage and interact with cloud services
expose the organization to a number of threats, CSA writes. These interfaces
must be properly designed and must include authentication, access control and
encryption to provide the necessary protection and availability of cloud
services.
The CSA also adds that organizations and third-party contractors often use
cloud-based interfaces to provide additional services, which makes the
interfaces more complex and increases the risk, as it may be necessary
for the customer to provide their registration data to such a contractor to
simplify the provision of services.
DDoS attacks
A denial of service attack can be launched on the cloud that causes
infrastructure overload, forcing a huge amount of system resources to be used
and preventing customers from using the service. The attention of the
press is most often attracted by distributed, or DDoS, attacks, but there are
other types of DoS attacks that can block cloud computing, CSA writes. For
example, attackers can launch application-level asymmetric DoS attacks using
vulnerabilities in Web servers, databases or other cloud resources to overwhelm
an application with a very small payload.
Systems that rely solely on a cloud service provider for
security are at great risk, CSA writes. “Even if encryption is implemented, if
the keys are not stored only by the customer, being available only for the time
they use the data, the system is still subject to malicious actions of the
insider,” CSA points out.
The use of cloud resources by hackers
Cloud computing enables organizations of all sizes to
harness massive computing power, but someone might want to do it with unseemly
intentions, CSA warns. For example, a hacker can use the combined power of
cloud servers to crack an encryption key in minutes.
Cloud service providers should consider how they will track people who use
the power of cloud infrastructure to do harm, and how these
abuses will be detected and prevented, CSA writes.
In pursuit of lower costs and other benefits of the cloud,
some organizations are rushing to use cloud services, not fully understanding
all the consequences of this step, CSA writes. Organizations must conduct an
extensive, rigorous audit of their internal systems and potential cloud
providers to fully understand all the risks they face when moving to a new
model.
In any cloud delivery model, there is a threat of
vulnerability through shared resources, CSA points out. If a key component of a
shared technology - for example, a hypervisor or an element of a common
platform - is compromised, then this puts not only the affected customer at
risk: the entire cloud environment becomes vulnerable.
A fairly common complaint about the "clouds." Indeed,
the operation of such services may be unstable, but this is due to problems
with the Internet. Slowly but surely, the situation with the Internet in the
country is improving. A self-respecting company can take care of the quality of
the connection itself.
Cloud security situation
2017: SAP CIS: Key Barriers to Implementing Cloud Services
According to a Kaspersky Lab survey, 13% of Russian
companies encountered incidents related to the security of cloud
infrastructure at least once over the course of a year. At the same time,
about a third of companies
(32%) lost data as a result of these incidents. Every day, cloud-based
corporate infrastructures and networks, regardless of their size, are exposed to
a large number of internal and external attacks. However, business does not yet
take this threat seriously: only 27% of Russian companies believe that the
overall security of their corporate network depends on the security of their
virtual systems and cloud infrastructures [1].
The biggest concern for companies is the protection of
external cloud services. Respondents worry that incidents may originate with
outsourcing suppliers to which business processes have been transferred, with
third-party cloud services, or with IT infrastructure where the company rents
computing power. However, despite all this concern, only 15% of companies check
whether third parties comply with security requirements.
“Despite the fact that recent large-scale hacks have occurred inside the data
center, traditional security systems still focus only
on protecting the network perimeter and controlling access rights. At the same
time, the negative impact of solutions to protect the physical infrastructure
on the performance of virtual environments is rarely taken into account,”
explained Veniamin Levtsov, Vice President, Corporate Sales and Business
Development, Kaspersky Lab. “Therefore, in converged environments it is so
important to use appropriate comprehensive protection, ensuring the security of
virtual systems with specially designed solutions. We are implementing an
approach in which, regardless of the type of infrastructure for all systems, a
single security coverage of the entire corporate network is provided. And this
is where our technologies and modern VMware developments (such as
microsegmentation) complement each other perfectly.”
2014: Ponemon and SafeNet data
Most IT organizations are unaware of how corporate data is protected in the
cloud; as a result, companies endanger their user accounts
and confidential information. This is just one of the findings of a fall
2014 study by the Ponemon Institute commissioned by SafeNet. As part of the
study, entitled “Challenges of Information Management in the Cloud: A Global
Data Security Survey,” more than 1,800 IT and IT security experts were surveyed
worldwide.
Among other findings, the study found that while
organizations are increasingly leveraging the power of cloud computing,
corporate IT departments are struggling with data management and cloud
security. The survey showed that only 38% of organizations clearly defined
roles and responsibilities for ensuring the protection of confidential and
other sensitive information in the cloud. The situation is aggravated by the
fact that 44% of corporate data stored in a cloud environment is beyond the
control of IT departments and is not managed by them. In addition, more than
two-thirds (71%) of respondents said that they face ever new difficulties when
using traditional security mechanisms and techniques to protect confidential
data in the cloud.