Security In The Cloud

Redport Information Assurance
Gaithersburg, December 2014

The cloud has been around for some time now and is still gaining popularity in the everyday operations of IT companies around the world. Cloud services offer many advantages, which is why the cloud service model is used so extensively, but there are vulnerabilities and threats to beware of, such as data breaches, data loss, account hijacking, insecure APIs and denial of service, to name just a few. Like any technology, cloud computing has risks. Among the most significant security risks associated with cloud computing is the tendency to bypass information technology (IT) departments and information officers. Although shifting to cloud technologies exclusively is affordable and fast, doing so undermines important business-level security policies, processes, and best practices. In the absence of these standards, businesses are vulnerable to security breaches that can quickly erase any gains made by the switch to software as a service (SaaS). Cloud computing has both vulnerabilities and threats, but the two are not the same.

Before deciding to migrate to the cloud, we need to look at cloud security vulnerabilities and threats to determine whether the many advantages of the cloud service are worth the risk. The following are just a few of the top security vulnerabilities and threats in a cloud environment.

➢ Vulnerability: a weakness that an attacker can exploit for personal gain. A weakness can be present in software, environments, systems, networks, etc.

➢ Threat: an actor who wants to attack assets in the cloud at a particular time with a particular goal in mind, usually his own financial gain and, consequently, financial loss to a customer.

Cloud Computing Vulnerabilities

➢ Virtual Machine Escape: in virtualized environments, the physical servers run multiple virtual machines on top of hypervisors. An attacker can exploit a hypervisor remotely by using a vulnerability present in the hypervisor itself. Such vulnerabilities are quite rare, but they do exist. Additionally, a virtual machine can escape from the virtualized sandbox environment and gain access to the hypervisor and consequently all the virtual machines running on it.

➢ Session Riding: session riding happens when an attacker steals a user’s cookie to use the application in the name of the user. An attacker might also use CSRF attacks in order to trick the user into sending authenticated requests to arbitrary web sites to achieve various things.

➢ Reliability and Availability of Service: we expect our cloud services and applications to always be available when we need them, which is one of the reasons for moving to the cloud. But this isn’t always the case, especially in bad weather with a lot of lightning, where power outages are common. The CSPs have uninterruptible power supplies, but even those can sometimes fail, so we can’t rely on cloud services to be up and running 100% of the time. We have to take a little downtime into consideration, but that’s the same when running our own private cloud.
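For the session riding item above, the following added example (not part of the original article) shows the two server-side controls that address it: cookie attributes that limit theft and cross-site sending of the session cookie, and a per-session anti-CSRF token checked on every state-changing request. The function names, the cookie name and the key are hypothetical and constructed for illustration.

```python
import hashlib
import hmac
import secrets
from typing import Optional

# Constructed server-side secret; a real service would load it from a secret store.
SERVER_KEY = secrets.token_bytes(32)
STATE_CHANGING = {"POST", "PUT", "PATCH", "DELETE"}


def session_cookie_header(session_id: str) -> str:
    """Set-Cookie value that limits cookie theft and cross-site sending."""
    # HttpOnly: not readable from page script. Secure: sent over HTTPS only.
    # SameSite=Strict: not attached to requests initiated by other sites.
    return f"session={session_id}; Path=/; HttpOnly; Secure; SameSite=Strict"


def csrf_token_for(session_id: str) -> str:
    """Anti-CSRF token bound to one session (HMAC of the session id)."""
    return hmac.new(SERVER_KEY, session_id.encode(), hashlib.sha256).hexdigest()


def is_request_allowed(method: str, session_id: str,
                       submitted_token: Optional[str]) -> bool:
    """Allow state-changing requests only when they carry this session's token."""
    if method.upper() not in STATE_CHANGING:
        return True  # safe methods must not change state, so no token is required
    if not submitted_token:
        return False  # a forged cross-site request carries the cookie but no token
    expected = csrf_token_for(session_id)
    # Constant-time comparison avoids leaking how many characters matched.
    return hmac.compare_digest(expected.encode(), submitted_token.encode())
```

The token is delivered inside the application's own pages (for example in a hidden form field), so a request built by another site cannot include it even though the browser would attach the cookie.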

Cloud Computing Threats

➢ Secure Data Transmission: when transferring the data from clients to the cloud, the data needs to be transferred by using an encrypted secure communication channel like SSL/TLS. This prevents different attacks like MITM attacks, where an attacker intercepting the communication could steal the data.

➢ Ease of Use: cloud services can easily be used by malicious attackers, since the registration process is very simple: we only need a valid credit card. In some cases we can even pay for the cloud service by using PayPal, Western Union, Payza, Bitcoin, or Litecoin, in which case we can stay totally anonymous. The cloud can be used maliciously for various purposes like spamming, malware distribution, botnet C&C servers, DDoS, password/hash cracking, etc.

➢ Insecure APIs: various cloud services on the Internet are exposed through application programming interfaces. Since the APIs are accessible from anywhere on the Internet, malicious attackers can use them to compromise the confidentiality of the enterprise customers. An attacker who obtains a token used by a customer to access the service through the service API can use the same token to manipulate the customer’s data. Therefore it’s imperative that cloud services provide a secure API, rendering such attacks worthless.
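For the insecure API item above, the following added example (not part of the original article and not any provider's actual API) shows one way a service can limit what a captured token is worth: the token is signed, bound to a single customer, restricted to named scopes and given a short lifetime, and every call is checked against all four. The claim names, scope strings and key are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import json
import time

SIGNING_KEY = b"constructed-demo-key-not-a-real-secret"  # constructed for this example


def _sign(body: str) -> str:
    return hmac.new(SIGNING_KEY, body.encode(), hashlib.sha256).hexdigest()


def issue_token(customer: str, scopes: list, ttl_seconds: int, now: float = None) -> str:
    """Issue a signed token limited to one customer, a scope list and a lifetime."""
    now = time.time() if now is None else now
    claims = {"cust": customer, "scopes": scopes, "exp": now + ttl_seconds}
    raw = json.dumps(claims, sort_keys=True).encode()
    body = base64.urlsafe_b64encode(raw).decode()
    return f"{body}.{_sign(body)}"


def authorize(token: str, customer: str, needed_scope: str, now: float = None) -> str:
    """Return 'ok' or the reason the API call is refused."""
    now = time.time() if now is None else now
    body, sep, sig = token.partition(".")
    # Verify the signature before decoding anything the caller supplied.
    if not sep or not hmac.compare_digest(_sign(body).encode(), sig.encode()):
        return "bad-signature"
    claims = json.loads(base64.urlsafe_b64decode(body))
    if now >= claims["exp"]:
        return "expired"  # a token captured earlier stops working after its lifetime
    if claims["cust"] != customer:
        return "wrong-customer"  # cannot be replayed against another tenant's data
    if needed_scope not in claims["scopes"]:
        return "missing-scope"  # a read-only token cannot modify data
    return "ok"
```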

Conclusion

In this article we’ve taken a look at some of the top cloud vulnerabilities and threats that need to be considered when moving to the cloud. When an organization wants to move its current operation to the cloud, it should be aware of the cloud threats in order for the move to be successful. We shouldn’t rely on the cloud service provider to take care of security for us; rather, we should understand the security threats and communicate with our CSP to determine how they are addressing the security threats and continue from there. We should also create remote backups of our data regardless of whether the CSP is already providing a backup service for us: it’s better to have multiple data backups than to find out that the data was not backed up at all when the need for data restoration arises. We see that there are risks with cloud computing, but life itself is a risk, and, as in life, if we just take the necessary precautions against the would-be threats around us, we should do fine.


For more information about Redport’s information assurance and cyber security services, visit www.redport-ia.com, email us at info@redport-ia.com, like us on Facebook, and follow us on Twitter @redport_ia.

- Suzanne Gonzalez

Gaithersburg, MD