“My data is 100% safe and secure in the cloud”, said no one ever, except possibly the slick brochure from the cloud service provider.
A McAfee Labs report entitled “2017 Threats Predictions” focuses largely on cloud threats. The report notes: “Increasing amounts of sensitive data and business-critical processes are shifting to public and hybrid clouds.
Attackers will adapt to this shift, continuing to look for the easiest ways to monetize their efforts or achieve their objectives.”
Certainly, the cloud service providers are focusing more and more effort on security. The cloud can be a very good solution, and can be as secure as any other network, but we need to be more diligent than ever.
The list of what can go wrong in the cloud is essentially the same list as what can happen in any server room, but the risks are magnified.
1. Stolen Credentials
When a hacker has your password, and you don’t know it, you’ve lost all control. All your sensitive information is wide open. They may be able to access financial information, including your customers’ credit card and account information. How often do we hear of such breaches?
Often, the goal is ill-gotten financial booty, but sometimes it isn’t. An intruder can download your company’s proprietary and confidential information, make it public, leak it to competitors, the media and WikiLeaks, and ruin your reputation. He can manipulate data in any number of ways.
Of course, this threat exists in any network, any server, and even any workstation, but the threat may be even greater in the cloud. With more to gain, there is a greater likelihood that your data will be targeted.
The cloud provider no doubt provides multiple layers of security, sophisticated encryption and intelligent monitoring systems to warn of attacks. Yet, these breaches still happen.
Common missteps include embedding cryptographic keys, passwords and other credentials in source code, where hackers can find them in a Git repository, or keeping them in an Excel spreadsheet on Google Docs.
Weak passwords and weak encryption (or no encryption) also create opportunities for unauthorized entry.
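One way to catch the embedded credentials described above before they reach a Git repository, shown as an added example that is not part of the original article. The patterns, the entropy threshold, the placeholder list and the sample file contents are assumptions constructed for illustration.

```python
import math
import re

# Assumed patterns: PEM private-key headers and quoted values assigned to
# credential-looking names. Tune both for your own code base.
PEM_KEY = re.compile(r"-----BEGIN (?:RSA |EC |DSA |OPENSSH )?PRIVATE KEY-----")
ASSIGNMENT = re.compile(
    r'\b(\w*(?:password|passwd|secret|api_?key|token)\w*)\s*[:=]\s*["\']([^"\']{4,})["\']',
    re.IGNORECASE,
)
PLACEHOLDERS = {"changeme", "example", "password", "your_password_here"}
ENTROPY_THRESHOLD = 3.5  # assumed cut-off, bits per character


def shannon_entropy(value):
    """Bits per character; random key material scores higher than words."""
    probs = [value.count(c) / len(value) for c in set(value)]
    return -sum(p * math.log2(p) for p in probs)


def scan_text(path, text):
    """Return (path, line number, finding kind) for each suspected credential."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        if PEM_KEY.search(line):
            findings.append((path, lineno, "private-key"))
            continue
        match = ASSIGNMENT.search(line)
        if not match:
            continue
        value = match.group(2)
        # Skip obvious placeholders and references to environment variables.
        if value.lower() in PLACEHOLDERS or value.startswith(("${", "<")):
            continue
        kind = "high-entropy-secret" if shannon_entropy(value) >= ENTROPY_THRESHOLD else "hardcoded-password"
        findings.append((path, lineno, kind))
    return findings


# Constructed sample file contents (not real credentials).
SAMPLE = '''db_host = "db.internal.example"
db_password = "hunter2hunter2"
API_KEY = "q8Zt3LxV0pWm7RkJd2Yb9NcA"
password = "${DB_PASSWORD}"
key_pem = """-----BEGIN RSA PRIVATE KEY-----
'''

if __name__ == "__main__":
    for path, lineno, kind in scan_text("config.py", SAMPLE):
        print(f"{path}:{lineno}: {kind}")
```

Run a check like this from a pre-commit hook or CI job over changed files and fail the build on any finding.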
Anyone considering a data migration into the cloud needs to take a complete look at the security provided by their cloud server and look very closely to make sure they aren’t in any way compromising these measures.
2. The Dreaded Ransomware
One of today’s biggest worries is ransomware. We’ve all heard the horror stories. Your data has been encrypted, you cannot access it, and you must pay to get a key to unlock it. If you pay, you may still not get it back. More than just a problem, it’s a nightmare! Essentially, it’s a form of “denial of service”, a longstanding problem, but ransomware can be even more vicious.
In the report referenced above, McAfee comes to this conclusion: “Denial of service for ransom will become a common attack against cloud service providers and cloud-based organizations.” And they further state that, “If an organization becomes completely cloud based, there are multiple points between the business and the cloud that can be attacked to effectively shut down the business. This includes the Internet connection, DNS services, and other infrastructure components.”
Holding a company’s data for ransom is almost entirely done for monetary gain. There are no “playful” ransomware hackers sitting in their parents’ basement looking for something to fend off boredom. They are serious, tech-savvy criminals.
What can be done? Just as when defending against anything else, you need strong encryption, strong passwords, no open doors, and data that is always backed up. When evaluating cloud service providers, ask all the questions: How is their security set up? How have they planned for every vulnerability? Do they routinely test for weaknesses? How and where is their data backed up, and how often? If you don’t ask all these questions, you will at some point wish you had.
3. Denial of Service
The term “denial of service” has been with us for a very long time. The original form of denial of service simply sends far too many requests to an IP address, so that it cannot keep up and legitimate use is denied.
Today the attacks can be more vicious and sophisticated, coming from multiple locations. It can be harder to determine which packets are legitimate and which are designed to disrupt operations.
Cloud service providers generally handle this kind of attack pretty well, but you definitely want to inquire what kind of systems and tools are employed.
A massive denial of service attack can take down a company’s website or operations fully for a period of time. Persistent attacks require very sophisticated tools to respond effectively. But other, smaller attacks can sometimes go undetected for quite some time, not quite shutting anything down but resulting in a slow network, timeouts and errors. The attacks can be very targeted, exploiting weaknesses in databases or web servers. This kind of attack may also result in increased use of cloud resources, for which the customer may have to pay.
4. Data Breaches
Your data is valuable. Some of it is highly sensitive and should not be broadly available. Possibly the most famous data breach is when Target Corporation was infiltrated by hackers who stole the credit card numbers and other personal information of over 100 million customers. A major embarrassment, very expensive.
The dangers of a data breach predate any kind of cloud technology. There are hundreds of stories throughout the history of networking. But now, because of the vast amounts of data on the cloud, it’s an even more attractive target.
Each business is different, and the types of data are different. For some businesses, confidentiality is among their most important assets. Medical testing companies, for example, simply cannot afford to allow patient data to be exposed, ever. Who would trust them again? And they may even be in violation of HIPAA regulations if it’s proven that they did not take adequate steps to secure sensitive patient information. Any organization may face lawsuits after a significant data breach. The effects of a data breach can be counted in millions of dollars and affect the business negatively for years.
Encryption is key, but not the only answer. Again, multiple layers of security are required along with intelligent monitoring and a robust quick action plan for when your data has been accessed.
5. Loss of Data
In the early days of computers and networking, data loss was possibly the largest risk we faced. When a disk drive failed without a backup, which happened often, data was permanently lost. In today’s world, such losses are nearly unheard of in the world of cloud storage. Data could be lost if files are encrypted and the encryption key is lost, but this is a rare occurrence.
Daily backups, or even real-time backup, are commonplace and necessary as well as sound procedures for disaster recovery.
Data loss today is much more likely to be a result of malicious activity, so again all the measures of security and routine backups need to be in place. Normally, backups are kept in a different geographical location.
While data loss may be rare, it is important. In some industries, there are specific regulations about how long records must be retained. A company can be subject to fines and other penalties if these are violated.
Weaknesses of the Cloud
While the problems listed above exist in any network to a degree, the cloud environment may increase the chances that something will go wrong, and what goes wrong might be even more catastrophic.
The APIs that are used to interact with cloud services for data transfer and management offer opportunities for unauthorized entry.
These interfaces tend to be the most exposed and vulnerable part of the system as they’re open to the web. Defeating potential intruders means designing the interfaces for security and routine testing of the security measures.
The threat of a malicious insider is present in any network. In the cloud environment, the number of people with access who could potentially create intentional harm is multiplied. Systems must be in place to monitor the activity of valid users and administrators with a procedure for shutting out a malicious attack, even when it comes from inside.
Hackers can now use the power of the cloud itself against it, accessing the massive resources of the cloud to do more damage than might be accomplished with a single computer or server. Cloud services could be taken over and used to launch massive denial of service attacks, for example. Breaking an encryption key with a single computer might take years, but with additional resources, could be done in a much shorter time.
What We Can Do
Diligence. Knowledge. Planning for every possible scenario. There may be no way to have a perfectly secure network ever, and there may be no way to secure your data in the cloud 100% ever. But there is technology available to provide a very high level of security. Using established best practices can decrease the likelihood of security breaches drastically.
Those who wish to cause trouble are not likely to stop their forward advance into new and better ways of causing trouble. IT professionals need to continue to get better at what they do, make better use of technology, and continue to be diligent.