A data breach might be the primary objective of a targeted attack or simply the result of human error, application vulnerabilities, or poor security practices, CSA says. It might involve any kind of information that was not intended for public release, including personal health information, financial information, personally identifiable information, trade secrets, and intellectual property. An organization’s cloud-based data may have value to different parties for different reasons. The risk of data breach is not unique to cloud computing, but it consistently ranks as a top concern for cloud customers.
Bad actors masquerading as legitimate users, operators, or developers can read, modify, and delete data; issue control plane and management functions; snoop on data in transit or release malicious software that appears to originate from a legitimate source, CSA says. As a result, insufficient identity, credential, or key management can enable unauthorized access to data and potentially catastrophic damage to organizations or end users.
3. Insecure interfaces and application programming interfaces (APIs)
Cloud providers expose a set of software user interfaces (UIs) or APIs that customers use to manage and interact with cloud services. Provisioning, management, and monitoring are all performed with these interfaces, and the security and availability of general cloud services depends on the security of APIs, CSA says. They need to be designed to protect against accidental and malicious attempts to circumvent policy.
4. System vulnerabilities
System vulnerabilities are exploitable bugs in programs that attackers can use to infiltrate a system to steal data, taking control of the system or disrupting service operations. Vulnerabilities within the components of the operating system put the security of all services and data at significant risk, CSA says. With the advent of multi-tenancy in the cloud, systems from various organizations are placed close to each other and given access to shared memory and resources, creating a new attack surface.
5. Account hijacking
Account or service hijacking is not new, CSA notes, but cloud services add a new threat to the landscape. If attackers gain access to a user’s credentials, they can eavesdrop on activities and transactions, manipulate data, return falsified information and redirect clients to illegitimate sites. Account or service instances might become a new base for attackers. With stolen credentials, attackers can often access critical areas of cloud computing services, allowing them to compromise the confidentiality, integrity, and availability of those services.
6. Malicious insiders
While the level of threat is open to debate, the fact that insider threat is a real adversary is not, CSA says. A malicious insider such as a system administrator can access potentially sensitive information, and can have increasing levels of access to more critical systems and eventually to data. Systems that depend solely on cloud service providers for security are at greater risk.
7. Advanced persistent threats (APTs)
APTs are a parasitical form of cyber attack that infiltrates systems to establish a foothold in the IT infrastructure of target companies, from which they steal data. APTs pursue their goals stealthily over extended periods of time, often adapting to the security measures intended to defend against them. Once in place, APTs can move laterally through data center networks and blend in with normal network traffic to achieve their objectives, CSA says.
8. Data loss
Data stored in the cloud can be lost for reasons other than malicious attacks, CSA says. An accidental deletion by the cloud service provider, or a physical catastrophe such as a fire or earthquake, can lead to the permanent loss of customer data unless the provider or cloud consumer takes adequate measures to back up data, following best practices in business continuity and disaster recovery.
9. Insufficient due diligence
When executives create business strategies, cloud technologies and service providers must be considered, CSA says. Developing a good roadmap and checklist for due diligence when evaluating technologies and providers is essential for the greatest chance of success. Organizations that rush to adopt cloud technologies and choose providers without performing due diligence expose themselves to a number of risks.
10. Abuse and nefarious use of cloud services
Poorly secured cloud service deployments, free cloud service trials, and fraudulent account sign-ups via payment instrument fraud expose cloud computing models to malicious attacks, CSA says. Bad actors might leverage cloud computing resources to target users, organizations, or other cloud providers. Examples of misuse of cloud-based resources include launching distributed denial-of-service attacks, email spam, and phishing campaigns.
11. Denial of service (DoS)
DoS attacks are designed to prevent users of a service from being able to access their data or applications. By forcing the targeted cloud service to consume inordinate amounts of finite system resources such as processor power, memory, disk space, or network bandwidth, attackers can cause a system slowdown and leave all legitimate service users without access to services.
12. Shared technology vulnerabilities
Cloud service providers deliver their services scalably by sharing infrastructure, platforms or applications, CSA notes. Cloud technology divides the “as-a-service” offering without substantially changing the off-the-shelf hardware/software—sometimes at the expense of security. Underlying components that comprise the infrastructure supporting cloud services deployment may not have been designed to offer strong isolation properties for a multi-tenant architecture or multi-customer applications. This can lead to shared technology vulnerabilities that can potentially be exploited in all delivery models
No comments:
Post a Comment