Do you think cloud computing can be hacked? What is your perception of it?
Most of us take our cloud computing for granted – the power to store data with ease, without worrying about where it is or how safe it is, the comfort of doing business through our smartphone and never in person.
Well, those perks could come at a cost. Security researchers estimate that three-quarters of large cloud providers were compromised between 2015 and 2017, and if 2018 contracts continue on their current trend, then 84% of cloud users are open to malicious actors due to lax security measures.
With many people trusting the chain metaphor so much these days and with hackers targeting businesses that rely on using cloud servers, it’s fair to say that we should be apprehensive about storing all our chips online.
So What Do We Mean By Cloud Computing?
Cloud computing is a delivery model for software as a service, whereby applications and data are hosted by a third party, often referred to as a cloud provider. This new way of delivering software allows organizations to scale up or down their capacity as needed while maintaining the availability of the applications and data.
The flexibility provided by cloud computing enables organizations to quickly adapt to changes in business needs. Furthermore, it has become an essential part of our technology landscape, allowing businesses of all sizes to compete in today’s marketplace. According to Gartner, the global market for cloud computing is estimated to grow to $266.4 billion by 2020, rising from $227.4 billion in 2019.
Also read: Different Types Of Cloud Computing
What Does This Mean For An Organization?
Well, if you’re like most companies, you likely rely on some form of cloud computing for a variety of applications and services. And based on recent trends, it’s likely that this reliance will only continue to grow in the future.
So if you aren’t already utilizing cloud-based services in your organization, now may be the time to start considering how they could help you achieve your goals. For example, if you need more flexibility when scaling your software or need access to new applications quickly, cloud computing could be a good solution for you. However, there are also a number of potential security risks associated with using cloud-based services.
One of the major drawbacks to cloud computing is that it can open you up to data security breaches. When your cloud-based service sends information via a public internet connection, hackers could potentially determine who you are and access confidential documents or key files.
If a hacker was able to access private information contained in a database, they would be hard-pressed to make sense of it without knowing the proper columns or database records each row contains.
So if a database has been compromised by a hacker using “SQL injection” techniques and sent over the internet, there’s very little in the way of protection for any sensitive data contained within said database.
Types Of Cloud Computing Services
There are three types of cloud computing services to choose from depending on how much control you need:
- Software as a Service (SaaS)
- Platform as a Service (PaaS)
- Infrastructure as a Service (IaaS)
You can read about the differences between these models in our blog article SaaS, PaaS, and IaaS Explained.
What Are Cloud Computing Vulnerabilities?
When it comes to cloud computing, there are plenty of services and applications that can be accessed from a remote location. Unfortunately, this also opens up the potential for attackers to exploit vulnerabilities in these systems. In a report from security firm Rapid7, cloud computing is one of the most commonly targeted areas for hackers.
Of the top 10 vulnerabilities reported by Rapid7 in 2017, six involve cloud-based services or applications. Cloud-based attacks are especially popular due to their flexibility and the fact that they can often be done remotely.
For example, in August 2017, an attacker compromised the systems of an online retailer and made off with millions of dollars worth of merchandise.
The complexity of these attacks makes them difficult to prevent, but there are some things you can do to protect yourself:
A lot of cloud data is sensitive information about users or business practices, and cloud users store different types of data in cloud environments. Human actions, application vulnerabilities, and unforeseen emergencies can cause this data to be lost, breached, or damaged.
To protect user data while it is in transit from the cloud, cloud service providers should employ modern encryption algorithms.
Cloud API Vulnerabilities
When it comes to the cloud, there are plenty of APIs that companies can use to connect with their customers or partners. Unfortunately, these same APIs can also be a target for hackers.
In recent months, we’ve seen a spate of vulnerabilities in cloud-based APIs. In January, attackers took advantage of a vulnerability in Amazon Web Services’ (AWS) Simple Notification Service (SNS) to send malicious messages to unsuspecting third-party recipients.
Last month, attackers used a vulnerability in Google Cloud Platform’s (GCP) App Engine standard Java API to inject malicious code into applications running on GCP. And earlier this week, an attacker exploited a vulnerability in Microsoft Azure’s Management Portal to access user credentials and steal data from services hosted on Azure.
All of these vulnerabilities stemmed from the way that the cloud APIs were designed and implemented. By compromising the Accounts and Access Management (AAM) subsystems used by these platforms to control access to resources, attackers were able to exploit weaknesses in the security models employed by these clouds.
In some cases, malicious insiders can compromise cloud-based systems and data. In a 2017 report from Symantec, researchers revealed that insider threats are becoming more prevalent in enterprises operating in hybrid cloud environments, where data is stored both on-premises and in the cloud.
In their study, Symantec looked at incidents involving 143 organizations with 250 million user accounts or more. Out of these, 49 percent had at least one insider threat incident in the past year.
Symantec found that insiders used stolen credentials to access customer data or launch attacks against the organization. In another study by Cipher Cloud, it was found that malicious insiders were responsible for 67 percent of all data breaches reported in Q3 2017.
Organizations need to take steps to prevent malicious insiders from compromising their systems and data. One way to do this is to implement strong authentication and authorization procedures for employees who have access to sensitive data.
You also need to keep track of who has access to what types of data, monitor activity logs for signs of unauthorized activity, and use intrusion detection systems to identify suspicious activities.
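One way to combine the access tracking and log monitoring described above, as an added example that is not part of the original article. The entitlement map, log format, account names and thresholds are constructed assumptions.

```python
import csv
import io

# Constructed entitlement map: data categories each account may read.
ENTITLEMENTS = {
    "alice": {"hr"},
    "bob": {"finance", "sales"},
    "carol": {"sales"},
}

# Constructed activity log: timestamp,user,data_category,records_read
SAMPLE_LOG = """\
2024-03-04T09:12:00,alice,hr,12
2024-03-04T10:40:00,bob,finance,30
2024-03-04T11:05:00,carol,finance,4
2024-03-04T23:50:00,bob,sales,9500
2024-03-05T09:01:00,dave,hr,8
"""

BULK_THRESHOLD = 1000        # assumed per-event record limit
WORK_HOURS = range(6, 22)    # assumed normal working hours (06:00-21:59)


def review_access_log(log_text, entitlements=ENTITLEMENTS):
    """Return (user, finding, timestamp) tuples for events worth a review."""
    findings = []
    for row in csv.reader(io.StringIO(log_text)):
        if len(row) != 4:
            continue  # skip blank or malformed lines
        ts, user, category, count = row
        allowed = entitlements.get(user)
        if allowed is None:
            # Account is not in the access inventory at all.
            findings.append((user, "unknown-account", ts))
        elif category not in allowed:
            # Valid account reading a data type it was never granted.
            findings.append((user, "not-entitled:" + category, ts))
        if int(count) > BULK_THRESHOLD:
            findings.append((user, "bulk-read", ts))
        if int(ts[11:13]) not in WORK_HOURS:
            findings.append((user, "off-hours", ts))
    return findings


if __name__ == "__main__":
    for finding in review_access_log(SAMPLE_LOG):
        print(finding)
```

An entitled account can still raise findings, as the bulk off-hours read by `bob` shows, which is the case that matters for stolen or misused insider credentials.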
Shared Technology Vulnerabilities
Users of cloud computing services are at greater risk for cyberattacks than users of traditional computing platforms, according to a study released today by Dell SecureWorks. Shared technology vulnerabilities across connected devices and infrastructure make it easier for hackers to exploit these systems, the report finds.
Dell SecureWorks surveyed 500 commercial and government organizations that use IT infrastructures made up of consumer technology products such as software virtualization and mobile device management (MDM) solutions. These users represent an important target for attackers because they often do not invest in attack prevention measures or have inadequate countermeasures in place.
Half of respondents said their organization had been attacked using a shared technology vulnerability within the past 12 months, and almost half (48 percent) reported experiencing at least one such attack in the past year. These attacks can include malware implants, insiders who expose the organization to the risk of sophisticated cyberattacks, or breaches caused by third-party vendors who mishandle customer data.
“As more organizations shift their computing resources to the cloud, they are creating opportunities for attackers to exploit shared technology vulnerabilities,” said Stephanie O’Neill, managing director of Dell SecureWorks Risk & Application Intelligence group.
Cloud Hosting Provider lock-in
Cloud computing providers often see themselves as the only option for users, creating provider lock-in. This can lead to diminished choice and user control over their data and computing experiences. Worse yet, it can mean that vulnerabilities and hacks targeting cloud-based services go largely unaddressed.
In a recent study, researchers at Fraunhofer IIS Cyber Security found that while two-thirds of respondents indicated they would not use a service that did not offer support for Microsoft Office, only 41 percent of European businesses felt the same way about Google Docs. As competition between providers heats up, customers are likely to be put in a weaker position as providers increasingly carve out whole product categories in which they hold exclusive market share.
Provider lock-in can have serious consequences not just from a security standpoint but also from an economic standpoint. For example, when users have few alternatives for accessing their data or computing resources, this can increase their vulnerability to price gouging by providers or third-party vendors who may resell those services at inflated rates. In some cases, lock-in has even been cited as one factor behind the widespread use of malware and cyberattacks targeting specific cloud services.
To avoid provider lock-in, providers should provide users with plenty of options for accessing their data in a device- or service-agnostic way. Locking users into a single cloud provider could undermine the security features offered by that vendor.
As more and more businesses consider using cloud computing, security professionals must ask themselves if cloud computing can be compromised. In the article, “Can Cloud Computing Be Compromised?”, we explore this question by examining a few examples of weak cryptography implementations in popular cloud services.
Most people assume that cloud-based security is as secure as any other form of security. However, recent investigations into data breaches at companies such as LinkedIn and Yahoo! have shown that even the most complex cryptographic techniques are not immune to attack. In 2016, for example, attackers infiltrated Yahoo!’s core infrastructure by exploiting a vulnerability in Apache Struts 2, a widely used Java web application platform. The attack allowed them to access user passwords and other sensitive data.
A study published in January 2017 by Bitdefender analyzed data from 18 million online attacks performed between 2015 and 2016. They found that 77% of successful attacks involved weak or default encryption schemes on attacked websites. This means that even if your site uses strong encryption, an attacker could still gain access to your site’s data if they are able to breach your site’s system defenses.
Vulnerability In Cloud Services
The appearance of new cloud-based services has made it difficult for IT professionals to know which ones are safe to deploy and which ones may be at risk of being compromised by hackers. In 2016, the OpenStack cloud platform had more than 150 known weaknesses in its cloud services.
The following five examples show how cloud computing can be compromised.
- Sending Sensitive Data Across the Internet in Plain Sight: One way that hackers can target cloud-based services is by sending sensitive data across the internet in plain sight. For example, a hacker might send a Cloud Storage file containing user passwords or financial information without disguising it as something else. This makes it easier for an attacker to intercept and access the data.
- Social Engineering: Another way that attackers can compromise cloud-based services is by using social engineering tactics. For example, a hacker might pose as someone from the service’s administrator team and convince a user to give them access to their account or password.
- Port Scanning: Attackers also use port scanning techniques to identify ports on servers that are exposed and accessible from the outside world. Once they identify these open ports, they can use them to access private data stored within the cloud.
- Bad Service & Outdated Technology: Attackers will often modify web applications to hijack private accounts for their own gain. They’ll then add malicious scripts to those sites that act by inserting code into the application and making unauthorized changes without first gaining permission from the user or administrator.
- Credential Hijacking: Attackers will also sometimes use malware on a computer to gain access credentials for valid cloud-based accounts.
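A defensive check for two items in the list above, data sent in plain sight and ports reachable from the outside world, as an added example that is not part of the original article. The rule and endpoint inventory, the names, and the choice of 443 as the only approved public port are constructed assumptions.

```python
import ipaddress
from urllib.parse import urlsplit

PUBLIC_OK_PORTS = {443}                        # assumed: only HTTPS may face the internet
PLAINTEXT_SCHEMES = {"http", "ftp", "telnet"}  # schemes without transport encryption

# Constructed inventory; names, addresses and URLs are illustrative.
INGRESS_RULES = [
    {"name": "web", "source": "0.0.0.0/0", "port": 443},
    {"name": "db", "source": "0.0.0.0/0", "port": 5432},
    {"name": "ssh-admin", "source": "203.0.113.0/24", "port": 22},
    {"name": "cache", "source": "::/0", "port": 6379},
]
ENDPOINTS = [
    "https://files.example.com/upload",
    "http://reports.example.com/export",
    "ftp://backup.example.com/nightly",
]


def exposed_rules(rules, public_ok=PUBLIC_OK_PORTS):
    """Names of rules that open a non-approved port to every address."""
    hits = []
    for rule in rules:
        net = ipaddress.ip_network(rule["source"], strict=False)
        # A prefix length of 0 means the whole IPv4 or IPv6 address space.
        if net.prefixlen == 0 and rule["port"] not in public_ok:
            hits.append(rule["name"])
    return hits


def plaintext_endpoints(urls):
    """URLs whose scheme sends data without transport encryption."""
    return [u for u in urls if urlsplit(u).scheme.lower() in PLAINTEXT_SCHEMES]


if __name__ == "__main__":
    print("world-open rules:", exposed_rules(INGRESS_RULES))
    print("plaintext endpoints:", plaintext_endpoints(ENDPOINTS))
```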
You can also read my article on common types of attacks on Cloud Computing
Should we fear cloud computing in the future?
Despite its seeming invincibility, cybercrime is a growing threat and cloud computing could be a prime target. Cybercriminals are always on the lookout for ways to exploit vulnerabilities in systems, databases, and applications to steal data or install malicious software.
In a recent study, researchers at Cybereason found that 55 percent of cybercrime attacks were carried out via cloud-connected devices such as laptops and smartphones. And given how ubiquitous these devices are, that’s not surprising—cloud services offer criminals an easy way to deploy malware without needing to carry out any hacking directly.
There’s no doubt that cloud computing can be hacked and makes it easier for criminals to penetrate systems and steal data. But that doesn’t mean we should start fearing it—rather, we need to make sure we’re doing everything we can to protect our data and systems from being compromised in the first place.
In the next article I will write about Tips on How to Ensure the Security of Cloud Services
In recent years, cloud computing has become an integral part of the modern business landscape. Its flexibility and ubiquity have made it a preferred solution for many organizations, allowing them to offload certain administrative tasks from their internal IT departments and instead host these functions in the cloud.
While this has been great for businesses, there is always a risk that cloud-based data can be compromised. In order to stay ahead of potential threats, it is important to understand how cloud computing works and what security measures you need to take into account.