Did you know that Gartner predicted the global public cloud services market will grow by up to 17 per cent in 2020, from $227.8 billion in 2019 to a total of $266.4 billion? While the cloud continues to be more widely embraced, it is important to be mindful of the problems organizations face when using it. This blog summarizes the threats and future issues facing cloud protection and addresses their consequences for today’s organisations.
1. Data Breaches
There are 178 cases of data breach to date, almost a 200% jump in 2019 over the 63 attacks recorded in 2018, according to data from the Malaysia Computer Emergency Response Team of CyberSecurity Malaysia. Malaysia was ranked fifth-worst in privacy protection among 47 countries studied by a UK-based technology research firm. Malaysia scored 2.6 out of 5, which denotes some safeguards but weakened protections. The score placed Malaysia alongside Thailand (2.6), India (2.4), Russia (2.1) and China (1.8) at the bottom.
Consequences of data breaches:
- Damaged credibility with customers or partners and reduced confidence in your organization
- Damage to your brand, which can cause your market value to decline
- Loss of intellectual property (IP) to rivals
- Loss of capital due to regulatory consequences
- Both civil and contractual obligations
- Additional financial costs may be incurred due to incident response and forensics
2. Insufficient Control of Change and Misconfiguration
Misconfiguration occurs when computing assets are set up improperly, leaving them vulnerable to malicious activity. Examples of misconfiguration include unsecured data storage elements or containers, unnecessary permissions, default passwords and configuration settings left unchanged, standard security controls left disabled, unpatched systems, logging or monitoring left disabled, and unrestricted access to ports and services. The business impact depends on the extent of the misconfiguration and how quickly it is found and resolved. The most frequent problem is the exposure of data stored in cloud repositories.
3. Lack of Secure Cloud Architecture and Strategy
Organizations globally are moving parts of their IT assets to public clouds. One of the greatest obstacles is putting in place the necessary protections to guard against cyber scams. Unfortunately, for many organisations, this process remains an enigma. Data is exposed to numerous threats when companies treat cloud migration as a “lift-and-shift” effort that simply ports their current IT stack and security controls to a cloud environment. A contributing factor is perhaps a lack of awareness of the shared security responsibility model.
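The misconfiguration classes listed above can be checked mechanically against an asset inventory. The following is an added example, not code from this blog: the record schema, the 30-day patch window and the rule that only port 443 may face the internet are assumptions made for illustration.

```python
from datetime import date

MAX_PATCH_AGE_DAYS = 30          # assumed patch policy
PUBLIC_PORTS_ALLOWED = {443}     # assumed: only HTTPS may face the internet
ANYWHERE = {"0.0.0.0/0", "::/0"}

def audit(asset, today):
    """Return the misconfiguration classes found on one asset record."""
    found = []
    if asset.get("type") == "storage" and asset.get("public_read"):
        found.append("unsecured storage")
    if any("*" in (p["action"], p["resource"]) for p in asset.get("permissions", [])):
        found.append("excessive permissions")
    if asset.get("default_credentials"):
        found.append("default credentials unchanged")
    off = sorted(k for k, on in asset.get("security_controls", {}).items() if not on)
    if off:
        found.append("security controls disabled: " + ", ".join(off))
    patched = asset.get("last_patched")
    if patched and (today - date.fromisoformat(patched)).days > MAX_PATCH_AGE_DAYS:
        found.append("unpatched")
    if not asset.get("logging_enabled", False):
        found.append("logging or monitoring disabled")
    ports = sorted(r["port"] for r in asset.get("ingress", [])
                   if r["cidr"] in ANYWHERE and r["port"] not in PUBLIC_PORTS_ALLOWED)
    if ports:
        found.append("unrestricted ports: " + ", ".join(map(str, ports)))
    return found

def audit_inventory(inventory, today):
    """Map asset name -> findings, omitting clean assets."""
    report = {a["name"]: audit(a, today) for a in inventory}
    return {name: f for name, f in report.items() if f}

# Constructed sample inventory with a hypothetical schema (not real assets).
INVENTORY = [
    {"name": "backups", "type": "storage", "public_read": True, "logging_enabled": False},
    {"name": "web-01", "type": "vm", "logging_enabled": True, "last_patched": "2020-01-02",
     "security_controls": {"host_firewall": False, "disk_encryption": True},
     "ingress": [{"port": 443, "cidr": "0.0.0.0/0"}, {"port": 22, "cidr": "0.0.0.0/0"}],
     "permissions": [{"action": "storage:*", "resource": "*"}]},
    {"name": "db-01", "type": "vm", "logging_enabled": True, "last_patched": "2020-03-20",
     "ingress": [{"port": 5432, "cidr": "10.0.0.0/8"}]},
]

if __name__ == "__main__":
    for name, findings in audit_inventory(INVENTORY, date(2020, 4, 1)).items():
        print(name, "->", "; ".join(findings))
```

Running such a check on a schedule shortens the time a misconfiguration stays undetected, which the paragraph above names as the factor that determines business impact.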
4. Lack of Identity, Access, Certificate, and Key Management
Security incidents and breaches can occur for several reasons, starting with a failure to use multifactor authentication and a failure to use strong passwords. They may also be attributed to insufficient credential protection, a lack of routine automatic rotation of cryptographic keys and passwords, a lack of versatile identity and credential management systems, or insufficient identity, credential, or key management, any of which may allow unauthorized data access. As a result, malicious actors who masquerade as legitimate users can read, alter, and remove data. Hackers may also invoke control plane and management functions, snoop on data in transit, and release malware that appears to come from a legitimate source.
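Two of the failures named above, missing multifactor authentication and credentials that are never rotated, can be detected from a credential inventory. This is an added example, not code from this blog: the CSV columns, the 90-day rotation policy and the scoring that ranks privileged accounts first are assumptions.

```python
import csv
import io
from datetime import date

ROTATION_DAYS = 90  # assumed rotation policy

# Constructed credential inventory (hypothetical columns, not a provider export).
REPORT = """user,privileged,mfa_enabled,password_last_changed,key_last_rotated
alice,true,true,2020-03-01,2020-02-15
bob,true,false,2019-06-10,2019-01-05
ci-deploy,false,false,,2019-11-30
carol,false,true,2020-01-20,
"""

def _age(value, today):
    """Days since an ISO date, or None when the credential does not exist."""
    return (today - date.fromisoformat(value)).days if value else None

def review(report_csv, today):
    """Return (user, issues) pairs, riskiest first."""
    results = []
    for row in csv.DictReader(io.StringIO(report_csv)):
        issues = []
        # MFA only applies to identities that have a sign-in password.
        if row["password_last_changed"] and row["mfa_enabled"] != "true":
            issues.append("no MFA")
        for label, col in (("password", "password_last_changed"),
                           ("key", "key_last_rotated")):
            age = _age(row[col], today)
            if age is not None and age > ROTATION_DAYS:
                issues.append(f"{label} not rotated for {age} days")
        if issues:
            # Privileged accounts are weighted so they sort to the top.
            score = len(issues) + (2 if row["privileged"] == "true" else 0)
            results.append((score, row["user"], issues))
    results.sort(key=lambda r: (-r[0], r[1]))
    return [(user, issues) for _, user, issues in results]

if __name__ == "__main__":
    for user, issues in review(REPORT, date(2020, 4, 1)):
        print(user, "->", "; ".join(issues))
```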
5. Hijacking Accounts
Account hijacking is a threat where malicious attackers gain access to, and misuse, highly privileged or sensitive accounts. In cloud environments, cloud service accounts or licenses carry the biggest risks. Such accounts can be compromised by phishing attacks, misuse of cloud-based services, or stolen credentials. On February 11, 2020, an unsecured database belonging to the makeup company Estee Lauder exposed 440 million customer records. No payment or sensitive information was impacted, but email addresses, IP addresses, ports, pathways, and storage information were disclosed in the database.
6. Insider Threats
Whether caused by a malicious close associate or employee or by unintentional errors, the number of insider attacks experienced yearly has risen. It went from 3200 to 4700 per year between 2018 and 2020. This increased frequency of insider attacks has also led to about 60% of organizations experiencing more than 30 insider attacks yearly. Every year, more than 34% of businesses worldwide are affected by insider threats. In fact, a survey by Fortinet revealed that fraud (55%), monetary gains (49%), and IP theft (44%) are the three leading reasons behind insider threats. The insider threat survey goes further to tell us that the finance department (41%), the customer access department (35%), and the research and development department (33%) are most vulnerable to cyber-attacks.
7. Complicated Interfaces and APIs
Cloud computing providers offer a collection of software UIs and APIs that allow clients to access and communicate with cloud services. The reliability and availability of general cloud services depend on the reliability of those APIs. Such interfaces must be configured to protect against both unintended and malicious attempts to bypass the security policy, from authentication and access control to encryption and activity monitoring. Poorly built APIs may result in misuse or, worse yet, a data breach. Many big data breaches have been triggered by broken, exposed, or compromised APIs. One of the cloud’s great advantages is that it’s available from anywhere and from any laptop. But if users communicate with interfaces and APIs that are not protected, hackers will identify and exploit these types of vulnerabilities.
8. Fragile Control Plane
Moving from the data center to the cloud poses several challenges for establishing an appropriate data management and security system. The user now has to create new data replication, migration, and storage processes, which get even more complicated when using multi-cloud. The solution to these issues would be a control plane, since it allows for the protection and integrity that complement the data plane, which provides system reliability and runtime. A poor control plane means the person in charge, either a system architect or a DevOps engineer, is not completely in control of the data infrastructure’s logic, security, and verification. Controlling stakeholders in this scenario may not know the security infrastructure, how data flows, and where technological blind spots and weak points occur. These limitations can result in data corruption, unavailability or leakage.
9. Metastructure and Applistructure Failures
Cloud service providers (CSPs) periodically disclose the operations and security measures necessary to run their systems efficiently and to ensure protection. API calls usually reveal this information, and the CSP safeguards are integrated into the metastructure layer. The metastructure is considered the CSP/customer line of demarcation, also known as the waterline. Opportunities for failure exist at many levels within this model. For example, weak CSP implementation of the API gives attackers the opportunity to disrupt cloud customers by interrupting the security, integrity or availability of the service.
10. Limited Visibility to the Cloud Usage
Poor visibility of cloud use exists when an enterprise lacks the ability to interpret and evaluate whether cloud service use within the enterprise is secure or malicious. This problem is split into two main challenges.
- Unsanctioned use of apps: This happens when workers use cloud software and services without explicit approval and support from corporate IT and security. This scenario leads to a self-supporting model called Shadow IT. This conduct is dangerous when insecure cloud service activity does not follow corporate guidelines, especially when combined with sensitive corporate data. Gartner estimates that shadow IT systems and resources will produce one-third of all successful security attacks against businesses by 2020.
- Abuse of licensed software: Companies are frequently unable to examine how their authorized applications are being exploited by insiders who use licensed software. This use frequently happens without the company’s prior permission, or is carried out by external threat actors targeting the service using methods such as credential theft, Structured Query Language (SQL) injection, Domain Name System (DNS) attacks and more.
11. Abuse and Wicked Use of Cloud Services
Malicious actors may exploit cloud computing capabilities to target customers, organizations or other cloud providers. Malicious attackers can also host malware on cloud services. Cloud services that host malware can seem more legitimate because the malware uses the CSP’s domain. Additionally, web-hosted malware can use cloud networking tools to further spread itself as an attack vector.
12. DDoS attack
A DDoS attack is designed to overwhelm website servers so they can’t answer legitimate user requests anymore. When a DDoS attack succeeds, it can make a website inaccessible for hours or even days. This can lead to a loss of sales, customer trust and brand authority. Complementing cloud services with DDoS security isn’t just a smart idea for the company anymore; it’s a requirement. Websites and web-based applications are core components of 21st-century business and require state-of-the-art security.
13. Vendor Lock-In for Security Features
One major potential challenge when it comes to security features is the risk of “vendor lock-in.” Limiting yourself to a single, compatible security solution for a cloud service is extremely restrictive, and it can lead to poor return on investment for security. This is because the vendor you’re locked into doesn’t have to compete with other vendors: they have your business because, if you want something functional without having to start over from scratch, they are your only choice.
The barriers to cloud protection aren’t too great to overcome. Enterprises will harness the benefits of cloud technologies with the right partners, infrastructure and forethought. AceTeam Networks are experts in Malaysia with over 8 years of experience, especially in the field of cloud security, providing risk solutions. Reach out to learn how to secure your network, and we will help you with a simplified and transparent process.