Cloud computing is constantly changing the way organizations use, store and share data, applications and workloads. It also brings a series of new security threats and challenges. With large volumes of data moving to the cloud, especially the public cloud, these resources become the top target of cyber attackers.
Jay Heiser, Gartner’s vice president and director of cloud computing security, also said, “The application of public cloud is growing fast, so it is inevitable to result in more potential risks and sensitive content.”
Contrary to what many people think, protecting enterprise data in the cloud is the responsibility of customers themselves, not of cloud computing service providers. “We are in the transitional period of cloud computing security, and the key point is transferring from vendors to customers. Many companies spent a lot of time in determining whether a certain cloud service vendor is safe, but there was little result because the problem lies in them,” said Heiser.
To help enterprises understand cloud security problems so that they can take proper action to cope with them, the Cloud Security Alliance (CSA) published the latest version of its “Top 12 Cloud Computing Threats: Industry Insights Report”.
This report reflects the consensus of the CSA’s security experts about the most important current cloud computing security problems. The report indicates that although there are many security issues in the cloud, enterprises mostly focus on the shared and on-demand nature of cloud computing. To identify the issues that users are most concerned about, the CSA surveyed industry experts, summarized the most severe cloud computing security issues, and wrote down some professional suggestions and advice. Based on the report, we introduce the 12 most important cloud security problems below (ordered by severity):
1. Data Leakage
The CSA indicated that data leakage is the major objective of targeted attacks, and it can also result from human error, application vulnerabilities and poor security measures. It can involve any information that is not intended for public release, including personal health information, financial information, personally identifiable information, business secrets and intellectual property. For different reasons, one organization’s cloud-based data can be of more value to other organizations. Data leakage is not unique to cloud computing, but it is always the primary concern of cloud computing users.
2. Poor Identity Authentication, Credentials and Access Management
The CSA said that cyber criminals often masquerade as legitimate users, operators or developers to read, modify and delete data, so as to obtain control and management rights over the platform. They then snoop on useful data while users are transferring it, and release malicious software that appears to come from a legitimate source. Thus, deficiencies in identity authentication and poor credential or key management can both cause unauthorized data access and ultimately lead to catastrophic damage to organizations or end users.
3. Insecure Ports and API
Cloud computing providers offer users a software UI or API to manage and interact with cloud services. The CSA said that the configuration, management and monitoring of cloud services are all performed through these interfaces. In general, the security and availability of a cloud service depend on the security of its API. This means users need to design with both unexpected accidents and malicious attempts in mind.
4. System Vulnerabilities
System vulnerabilities are bugs that attackers can use to break into a system in order to steal data, take control of the system, and disrupt the programs run by the cloud service. The CSA indicated that vulnerabilities in operating system components put the security of all services and data at significant risk. With the emergence of the multi-tenant cloud, different organizations’ systems sit closer together and share memory and resources with each other, which opens the way to new attacks.
5. Account Hijack
The CSA pointed out that account or service hijacking is not new in the industry, but cloud services add a new threat to the picture. If attackers obtain access to user credentials, they can intercept activities and transactions, manipulate data, return fake information, and redirect clients to illegitimate websites. Account and service instances can become a new base for attackers. Also, with stolen user credentials, attackers can often access critical areas of cloud computing services and endanger the confidentiality, integrity and availability of those services.
6. Malicious Insiders
The CSA also mentioned that although the severity of some threats is debated, the insider threat is a real threat. Malicious insiders such as system administrators can access potentially sensitive information, gain access to more important systems, and finally gain access to data. Therefore, users face greater risks if they depend only on the security system that the cloud service provider offers.
7. Advanced Persistent Threat (APT)
APT is a parasitic form of cyber attack. In an APT attack, an authorized user gets access to a network or system of a targeted company, stays there by avoiding detection, and then steals valuable data. The attack can approach its target step by step over a long period of time, and can often adapt to and resist security measures. Once established, an APT can move laterally through the data center network, blend in with normal network traffic, and finally reach its goal.
8. Data Loss
According to the CSA, data stored in the cloud can be lost because of malicious attacks. Accidental erasure by the cloud computing service provider and physical disasters such as fire and earthquake can also lead to permanent data loss. Both cloud computing providers and users should take proper action to back up their data, follow best practices for business continuity, and implement disaster recovery.
9. Poor Due Diligence
The CSA mentioned that when enterprises set their business strategy, they must take cloud computing technology and service providers into consideration. A good roadmap and a due diligence checklist for evaluating cloud computing technology and providers are key to success. Enterprises that are eager to adopt cloud computing technology but do not perform sufficient due diligence when choosing cloud service providers will face many risks.
10. Abuse and Malicious Use of Cloud Services
The CSA mentioned that poorly secured cloud service configurations, free trials of cloud services, and fraudulent account sign-ups through payment instruments all expose the cloud computing model to malicious attacks. Hackers can take advantage of cloud computing resources to target users, organizations, or other cloud computing providers. Examples of abuse of cloud resources include launching DDoS attacks, spam email, and phishing attacks.
11. Denial of Service (DoS)
DoS attacks aim to prevent users from accessing their data or applications. Attackers can flood the targeted cloud service with superfluous requests to overload limited system resources, such as CPU capacity, memory, disk space and bandwidth. In this way attackers can slow down the system and make the servers unavailable to all legitimate users.
12. Shared Technical Bugs
Cloud computing service providers often scale their services by sharing infrastructure, platforms, and applications. Cloud technology divides “aaS” products into multiple offerings without substantially changing the existing hardware/software (sometimes at the cost of security). The low-level components that support cloud computing deployments were probably not designed to provide strong isolation for a multi-tenant architecture or multi-user applications. This can lead to shared technical bugs that attackers can potentially exploit in all procurement delivery systems.