}

The biggest cloud security threats for 2018, part 2

safe in the form of a cloud

Last week, we highlighted the six of the 12 biggest cloud security threats for 2018, as reported by Cloud Security Alliance (CSA). These included data breaches; insufficient identity, credential and access management; insecure interfaces and APIs; system vulnerabilities; account hijacking; and malicious insiders. Here are six more threats facing businesses and organizations that use the cloud in 2018.

  1. Advanced Persistent Threats (APTs)
  2. Data Loss
  3. Insufficient Due Diligence
  4. Abuse and Nefarious Use of Cloud Services
  5. Denial of Service
  6. Shared Technology Vulnerabilities

7. Advanced persistent threats (APTs)

Advanced Persistent Threats (APTs) are “a parasitical form of cyberattack that infiltrates systems to establish a foothold in the computing infrastructure of target companies from which they smuggle data and intellectual property,” CSA states.

APTs pursue their goals stealthily over long periods of time and often adapt to the security measures intended to defend against them. Once in place, APTs can move laterally through data center networks and blend in with normal network traffic to achieve their objectives.

8. Data loss

Data stored in the cloud can be lost for reasons other than malicious attacks: for instance, the cloud service provider might accidentally deleted data, or even worse, there could be a physical catastrophe, such as a fire or earthquake. Cloud consumers should review the contracted data loss provisions, ask about the redundancy of a provider’s solution, and understand which entity is responsible for data loss and under what conditions.

Under the new EU data protection rules, data destruction and corruption of personal data are considered forms of data breaches and require appropriate notifications. Additionally, many compliance policies require organizations to retain audit records or other documentation. If an organization stores this data in the cloud, loss of that data can jeopardize its compliance status.

9. Insufficient due diligence

Cloud technologies and cloud service providers (CSPs) should be considered when executives create business strategies.Developing a good roadmap and checklist for due diligence when evaluating technologies and CSPs is essential.

An organization that rushes to adopt cloud technologies and choose CSPs without performing due diligence exposes itself to several commercial, financial, technical, legal and compliance risks that jeopardize its success. This applies whether the company is considering moving to the cloud or merging with or acquiring a company that has moved to the cloud or is considering doing so.

10. Abuse and nefarious use of cloud services

Poorly secured cloud service deployments, free cloud service trials, and fraudulent account sign-ups via payment instrument fraud expose cloud computing models such as IaaS, PaaS, and SaaS to malicious attacks.

Malicious actors may leverage cloud computing resources to target users, organizations, or other cloud providers. Examples of misuse of cloud services include launching DDoS attacks, email spam and phishing campaigns; “mining” for digital currency; large-scale automated click fraud; brute-force compute attacks of stolen credential databases; and hosting of malicious or pirated content.

11. Denial of service (DoS)

Experiencing a denial-of-service attack is like being caught in rush-hour traffic gridlock: there is no way to get to your destination, and there is nothing you can do about it except sit and wait, CSA says.

Denial-of-service (DoS) attacks are attacks meant to prevent users of a service from accessing their data or their applications. By forcing the targeted cloud service to consume inordinate amounts of finite system resources such as processor power, memory, disk space or network bandwidth, the attacker—or attackers, as is the case in distributed denial-of-service (DDoS) attacks—causes an intolerable system slowdown and leaves all legitimate service users confused and angry as to why the service is not responding.

12. Shared technology vulnerabilities

CSPs deliver their services scalably by sharing infrastructure, platforms or applications. Cloud technology divides the “as a Service” offering without substantially changing the off-the-shelf hardware/software—sometimes at the expense of security. Underlying components (e.g., CPU caches, GPUs, etc.) that comprise the infrastructure supporting cloud services deployment may not have been designed to offer strong isolation properties for a multi-tenant architecture (IaaS), redeployable platforms (PaaS) or multi-customer applications (SaaS).

This can lead to shared technology vulnerabilities that could be exploited in all delivery models. A single vulnerability or misconfiguration could lead to a compromise across an entire provider’s cloud.