The benefits of cloud computing have been extensively documented, but what isn’t discussed as much is the growing opportunity for cyber attacks that cloud environments create. The majority of cloud storage providers house vast amounts of data in centralised, multi-tenanted cloud environments. This is great for business efficiency because it allows multiple users to access cloud data across numerous different devices and platforms. However, this approach isn’t without risks and being aware of what they are is extremely important for any business looking to embrace the power of the cloud.
[easy-tweet tweet=”#Cloud account hijacking can result in the leaking or destruction of sensitive company IP” hashtags=”Security”]
The growing threat from cloud hijacking
Cloud account hijacking is a growing phenomenon that occurs when an organisation or individual’s cloud account is accessed by a third party without permission, usually with malicious intent. Attacks of this nature are becoming increasingly commonplace in identity theft schemes, with criminals using the stolen account details to conduct fraudulent activity. However, what’s concerning is that more sophisticated cloud hijackers don’t even need a username or password to gain access to the account. Instead, they are using malicious attachments in emails or browser extensions to gain access to the account’s authentication token. Once in, they are able to pose as the legitimate account owner whilst simultaneously conducting a wide range of damaging activities such as stealing sensitive data, spreading malicious code or even sending traffic to counterfeit websites.
Are the risks real?
The risks are definitely real. Cloud account hijacking can be particularly devastating at an enterprise level, depending on how attackers use the information they steal, or what else they get up to whilst in the account. Obvious concerns are the leaking or destruction of sensitive company IP. However, the reputational damage caused by actions such as redirected web traffic to fraudulent websites or spamming customer bases with phishing attacks could be catastrophic. Additional legal implications and regulatory fines are also a very real concern for businesses in highly regulated industries, such as healthcare and finance, particularly if confidential stock market or patient data is exposed, for example.
What can businesses do to make their cloud accounts more secure?
There are a number of simple steps that any organisation can take to quickly improve the security of its cloud accounts and data:
- Require multi-factor authentication. Several tools exist that require users to enter static passwords as well as dynamic one-time passwords, which can be delivered via SMS, hardware tokens, biometrics, or other schemes
- Encrypt sensitive data before it goes to the cloud
- Ensure service providers conduct background checks on all employees who have physical access to data centre server rooms
- Restrict the IP addresses allowed to access cloud applications. Some cloud apps provide tools to specify allowable IP ranges, forcing users to access the application only through corporate networks or VPNs
- Implement secure solutions for cloud account hijacking defence
- Make sure all data is securely backed up in the event that data is lost in the cloud
Take time when choosing a new cloud service provider
Businesses must also take proactive steps when choosing a new cloud service provider, and prioritise security alongside other key factors such as ease of use and scalability. One important step is to compare the cloud security and data-integrity systems of different cloud service providers within their contracts.
Companies are well within their rights to examine the number of data loss or interference incidents a cloud service has experienced in the past. It is extremely prudent to know who you are going into business with. How often do they experiences downtime? How do they monitor and manage vulnerabilities? Do they allow clients to audit the performance in any of these areas? All of these are important questions that businesses should do their best to find the answers to before signing on any dotted lines.
Security platforms that extend to both the cloud and mobile devices will further bolster security. The ability to control or block risky data activity based on behavioural and contextual factors all add further security layers. Additional capabilities to look out for include end-to-end encryption, application control and continuous data monitoring.
[easy-tweet tweet=”To tackle the threat of #cloud account hijacking, businesses need a data-aware approach to #security”]
As the threat of cloud account hijacking continues to grow, a data-aware approach to security has become more important than ever. Cloud computing may well be the business model of the future, but organisations who want to capitalise on its many benefits would also do well to verse themselves in its risks and how to effectively mitigate them.