The Top 10 Cloud Security Threats — And How To Counter Them
Organizations are moving to the cloud, but security remains a top concern. Recent survey data reports cloud computing as the biggest security worry among risk, audit and compliance executives.
While evolving cloud technology and increasing consumer control over data security are changing this landscape, risks remain. Here’s a look at the top 10 cloud security threats and the steps your company can take to counter them.
Top 10 Cloud Security Threats and Ways to Defend Against Them
1. Configuration Concerns
The easiest way in for attackers? Finding and exploiting misconfigurations in cloud services. These misconfigurations often occur during initial cloud setup and may not be detected until attackers attempt to breach corporate networks. The big risk here? Cybercriminals can infiltrate the cloud environment with virtually no resistance and have time to wreak havoc.
Combatting this issue depends on careful provider selection — ask for detailed information about security offerings and potential gaps created between cloud and on-premises solutions.
2. Insider Issues
While malicious attackers represent critical threats to cloud security, insider threats are more likely — especially in cases of staff accidentally sharing sensitive data or using applications that aren’t secure. In some instances, insider threats are malicious attempts by disgruntled or former staff to sell corporate data. Yet no matter the cause, the remedy is the same: Implement networkwide logging and monitoring solutions that notify administrators of risky behavior such as unauthorized API calls or modifications to IAM policy.
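One way to implement the notification rule described above, as an added example that is not from the original article. It assumes AWS CloudTrail-style JSON records (the article names no provider); the threshold, account ID and user names are constructed.

```python
import json
from collections import Counter

# IAM calls that create, change, attach or remove policies.
IAM_POLICY_EVENTS = {verb + target + "Policy"
                     for verb in ("Put", "Delete", "Attach", "Detach")
                     for target in ("User", "Group", "Role")}
IAM_POLICY_EVENTS |= {"CreatePolicy", "DeletePolicy", "CreatePolicyVersion", "DeletePolicyVersion"}
DENIED_THRESHOLD = 3  # assumed tuning value: denials per principal per batch

def is_denied(event):
    """True when the API call was rejected for lack of permission."""
    code = event.get("errorCode") or ""
    return code.startswith("AccessDenied") or code.endswith("UnauthorizedOperation")

def find_alerts(lines):
    """Return (kind, principal, detail) tuples for a batch of JSON log lines."""
    alerts, denied = [], Counter()
    for line in lines:
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            # A record that cannot be parsed is reported, not silently dropped.
            alerts.append(("unparseable_record", "unknown", line[:40]))
            continue
        who = event.get("userIdentity", {}).get("arn", "unknown")
        if is_denied(event):
            denied[who] += 1
        if (event.get("eventSource") == "iam.amazonaws.com"
                and event.get("eventName") in IAM_POLICY_EVENTS):
            outcome = "denied" if is_denied(event) else "succeeded"
            alerts.append(("iam_policy_change", who, f"{event['eventName']} {outcome}"))
    for who, count in sorted(denied.items()):
        if count >= DENIED_THRESHOLD:
            alerts.append(("repeated_unauthorized_calls", who, f"{count} denied calls"))
    return alerts

ARN = "arn:aws:iam::111122223333:user/"  # constructed account and user names
SAMPLE = [  # constructed records, not real logs; the last one is deliberately truncated
    '{"eventSource":"s3.amazonaws.com","eventName":"GetObject","errorCode":"AccessDenied","userIdentity":{"arn":"%salice"}}' % ARN,
    '{"eventSource":"s3.amazonaws.com","eventName":"ListBuckets","errorCode":"AccessDenied","userIdentity":{"arn":"%salice"}}' % ARN,
    '{"eventSource":"ec2.amazonaws.com","eventName":"DescribeInstances","errorCode":"Client.UnauthorizedOperation","userIdentity":{"arn":"%salice"}}' % ARN,
    '{"eventSource":"iam.amazonaws.com","eventName":"AttachUserPolicy","userIdentity":{"arn":"%sbob"}}' % ARN,
    '{"eventSource":"s3.amazonaws.com","eventName":"GetObject","errorCode":"AccessDenied","userIdentity":{"arn":"%sbob"}}' % ARN,
    '{"eventSource":"iam.amazonaws.com",',
]
if __name__ == "__main__":
    print(*find_alerts(SAMPLE), sep="\n")
```

A single denied call stays below the threshold, so one mistyped request does not page anyone, while every IAM policy change is reported regardless of who made it.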
3. Brute Force Failures
Brute force threats such as DDoS attacks remain common cloud risks, especially given the growing number of insecure IoT devices that can be commandeered by hackers and repurposed to massively increase traffic generation. Your best bet to combat these threats? Disable all cloud access points from the web at large and install traffic monitoring solutions to get ahead of DDoS attacks.
4. Leaky Credentials
It remains common practice for many organizations to hard-code credentials such as API keys and network access permissions into source code or documentation. If attackers expose this data, they can use it to gain privileged network access or sell it for profit on the dark web. Stop leaky credentials by storing them off the cloud and using two-factor authentication (2FA) to limit overall risk.
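A check for the hard-coded credentials described above, as an added example that is not from the original article. The rule set, the entropy threshold and the sample file are assumptions made for illustration, and the key values in the sample are constructed.

```python
import math
import re

# Credential shapes that are recognisable on sight.
RULES = [
    ("aws_access_key_id", re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b")),
    ("private_key_block", re.compile(r"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----")),
]
# Generic `name = "value"` assignments; the value is then entropy-checked.
ASSIGNMENT = re.compile(
    r"""(?i)(api[_-]?key|secret|token|passw(?:or)?d)\w*\s*[:=]\s*["']([^"']{8,})["']""")
MIN_ENTROPY = 3.5  # assumed threshold, in bits per character

def shannon_entropy(value):
    """Bits per character; random keys score high, words and placeholders low."""
    counts = {ch: value.count(ch) for ch in set(value)}
    return -sum(n / len(value) * math.log2(n / len(value)) for n in counts.values())

def redact(secret):
    """Keep a short prefix so the report does not itself leak the secret."""
    return secret[:4] + "*" * (len(secret) - 4)

def scan(text):
    """Return (line_number, rule, redacted_match) for each suspected credential."""
    findings = []
    for number, line in enumerate(text.splitlines(), start=1):
        for rule, pattern in RULES:
            for match in pattern.finditer(line):
                findings.append((number, rule, redact(match.group(0))))
        for match in ASSIGNMENT.finditer(line):
            value = match.group(2)
            if shannon_entropy(value) >= MIN_ENTROPY:
                findings.append((number, "high_entropy_assignment", redact(value)))
    return findings

# Constructed sample file; none of these values are real credentials.
SAMPLE = '''\
# constructed sample config
aws_access_key_id = "AKIAIOSFODNN7EXAMPLE"
api_key = "q8Zr2LmX0vT5bNc7Ye1KdUa4"
api_token = "your-token-here"
db_password = os.environ["DB_PASSWORD"]
-----BEGIN RSA PRIVATE KEY-----
'''

if __name__ == "__main__":
    print(*scan(SAMPLE), sep="\n")
```

The entropy filter suppresses placeholders such as `your-token-here` and ignores values read from the environment, but it also misses short, low-entropy real passwords, so a clean scan is a floor rather than proof.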
5. Getting Hooked
While more sophisticated attacks have been developed, phishing efforts remain a successful vector for malicious actors. Why? Because humans are the weakest link in any cloud security chain — if they’re convinced to download attachments, click on links or provide their credentials, hackers can gain employee account access and begin moving horizontally across cloud networks.
Regular phishing simulations coupled with best-of-breed spam detection and quarantine tools can help keep staff from getting hooked.
6. Patchwork Policies
To be effective, security policies must apply across all network services and all network users. Given the constantly expanding nature of cloud deployments, however, it’s easy for policies to take on a patchwork appearance, in turn exposing companies to risk.
One option here is the implementation of identity and access management (IAM) solutions that govern security and access on a per-user basis rather than relying on device or network specifications. This directly links security policies with individuals, making it easier for IT to adjust permissions as needed and implement networkwide changes on demand.
7. Absent Encryption
If data in the cloud isn’t encrypted, it’s at risk. Attackers are aware of the trend to mobile and remote cloud access and have seen marked success eavesdropping on insecure connections or creating fake Wi-Fi networks that collect user login data. To secure cloud networks, use the strongest encryption available to protect data in transit and at rest.
8. System Sprawl
As corporate IT needs increase, clouds expand. The result? Limited visibility for security professionals and increased opportunity for potential hackers. Here, knowledge is power: Companies need monitoring and analysis tools that provide data about the current process, storage, and system usage — and can assess cloud environments to find services or applications that are not actively used.
9. Timid Testing
No cloud environment is perfect. Software may contain known vulnerabilities, or attackers may discover zero-day exploits. Hardware may have hard-coded flaws, and database access tools may contain undetected exploits.
The result? Regular testing is critical. First, companies should test for risk — which services present the most risk if compromised or damaged? Then, they should go on the attack, using in-house talent or outsourced assistance to (safely) break their network and discover critical flaws.
10. Ineffective Education
Without education, employees present cloud risk. While they’re likely familiar with cloud platforms such as social media and email services, many are unfamiliar with corporate systems. Regular training that emphasizes shared security responsibility and provides real-world scenarios can significantly reduce staff-based risk.
The cloud security landscape is changing — through 2022, experts predict at least 95 percent of security failures will be the customer’s fault. The result? It’s worth recognizing the telltale signs of top threats and understanding the critical steps necessary to combat cloud security risk.
About Kim Turner
Katherine Palac is Director of Marketing at Column Information Security. Palac has focused on global B2B marketing and communications strategy for 20 years, primarily in the professional services, financial services, and technology spaces.