Security in Cloud
A concern for many ….
Cloud security is the set of strategies and practices for protecting data and applications that are hosted in the cloud. Like cyber security, cloud security is a very broad area, and it is never possible to prevent every variety of attack. However, a well-designed cloud security strategy vastly reduces the risk of cyber attacks. Understanding how to secure cloud data remains one of the biggest obstacles to overcome as organizations transition from building and managing on-premises data centers. So, what is data security in the cloud?
Top Security issues and challenges
1. Availability of cloud security experts
Cloud architecture and cloud security require specialized knowledge. Unfortunately, the availability of skilled labor in this field, particularly for specialists trained in managing security concerns in cloud computing, has not caught up to demand. Consequently, organizations must rely heavily on outside advisory and managed services to deploy, maintain, and secure their cloud resources.
2. Unmanaged Attack Surface
An attack surface is your environment’s total exposure. The adoption of microservices can lead to an explosion of publicly available workloads. Every workload adds to the attack surface. Without close management, you could expose your infrastructure in ways you don’t know about until an attack occurs.
3. Identity and Access Management (IAM)
Identity and access management (IAM), which involves using technology and policies to control which users may access what resources, presents a significant cloud security challenge. Cloud infrastructure requires a sophisticated system of granular control because users access resources primarily at the application or modular level.
4. Data Breaches !!!
A data breach occurs when sensitive information leaves your possession without your knowledge or permission. Data is worth more to attackers than anything else, making it the goal of most attacks. Cloud misconfiguration and lack of runtime protection can leave it wide open for thieves to steal. The impact of data breaches depends on the type of data stolen. Thieves sell personally identifiable information (PII) and personal health information (PHI) on the dark web to those who want to steal identities or use the information in phishing emails.
Some Major Attacks
1. Meta (Facebook)
Meta (Facebook) was breached sometime before August 2019 but decided not to notify over 530 million users that their personal data was stolen, and shortly after that posted to a public database, until April 2021. The data included phone numbers, full names, locations, some email addresses, and other details from user profiles.
2. Verizon
Verizon Communications, a telecommunications giant, experienced a series of cloud-related security incidents. In 2017, Verizon partner Nice Systems accidentally exposed user data due to a flaw in its Amazon S3 storage configuration. Then in 2020, Verizon experienced 29,207 security incidents, of which 5,200 were confirmed compromises. The attacks included DDoS, social engineering, and client-side web application flaws that led to compromise of server-side systems. Verizon said most of these attacks were due to the “human element”, as a result of remote work during the COVID-19 crisis.
3. LinkedIn
LinkedIn lost data on 700 million users through a data scraping breach. In 2021, hackers penetrated LinkedIn and affected almost 93% of the total user base, equivalent to 700 million users, after a data scraping breach. Most of the information was publicly available. However, the hackers leveraged data scraping, exploited the LinkedIn API, and violated its terms of service.
4. Google Data deletion
All of their data, including all of their backups across two different regions, was accidentally deleted by Google. If they hadn’t had a backup with another provider, they would have been in serious trouble. Though this sort of thing is exceptionally rare, it does make me worry about clients who only back up RDS databases using Amazon’s own snapshots. I think we need to set up at least a monthly encrypted backup for them that goes to another cloud provider / backup provider.
Why Cloud attacks can be dangerous to a provider and the organisation ??
- Cloud attacks can often result in data breaches. This is because hackers can access a large amount of data all at once, rather than having to target individual devices or accounts. This can lead to financial and reputational damage for a company.
- Cloud attacks can be challenging to detect and prevent. This is because the cloud is a complex system with many different components. This makes it hard to identify and fix vulnerabilities. As a result, companies need to be extra vigilant about protecting their data and preventing cloud attacks.
Some preventive measures to prevent Cloud attacks
- Regularly monitor IAM accounts
- Regularly scan and test cloud configuration
- Regular Security Audits: Conduct periodic security audits to identify vulnerabilities in cloud infrastructure, applications, and configurations. Promptly address any discovered weaknesses.
- Data Encryption: Encrypt sensitive data both in transit and at rest to protect it from unauthorized access. Use strong encryption algorithms and secure key management practices.
- Backup and Recovery: Regularly back up critical data stored in the cloud and test the restoration process to ensure data availability and quick recovery in case of an attack or system failure.
- Patch Management: Keep cloud systems, applications, and underlying software up to date with the latest security patches. Regularly apply updates to address known vulnerabilities.
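As an added example (not part of the original article), the first measures in this list can be turned into a repeatable check: the script below audits a constructed IAM credential export and a constructed bucket inventory for accounts without MFA, stale access keys, unblocked public access and missing encryption at rest. The CSV uses a subset of the AWS IAM credential report column names and the four S3 Block Public Access flags; the 90-day key age limit, the sample data and the inventory fields `name` and `encrypted` are assumptions made for illustration.

```python
import csv
import io
from datetime import datetime, timezone

MAX_KEY_AGE_DAYS = 90  # assumed rotation policy, not taken from the article

# Constructed sample using a subset of the AWS IAM credential report columns.
SAMPLE_REPORT = """user,password_enabled,mfa_active,access_key_1_active,access_key_1_last_rotated
alice,true,true,true,2024-05-01T00:00:00+00:00
bob,true,false,false,N/A
ci-deploy,false,false,true,2023-01-15T00:00:00+00:00
"""

# Constructed inventory; "name" and "encrypted" are hypothetical fields,
# the four flags mirror the S3 Block Public Access settings.
SAMPLE_BUCKETS = [
    {"name": "app-logs", "encrypted": True,
     "public_access_block": {"BlockPublicAcls": True, "IgnorePublicAcls": True,
                             "BlockPublicPolicy": True, "RestrictPublicBuckets": True}},
    {"name": "partner-export", "encrypted": False,
     "public_access_block": {"BlockPublicAcls": True, "IgnorePublicAcls": True,
                             "BlockPublicPolicy": False, "RestrictPublicBuckets": False}},
]

def audit_iam(report_csv, now):
    """Return (user, finding) pairs: console users without MFA, stale active keys."""
    findings = []
    for row in csv.DictReader(io.StringIO(report_csv)):
        if row["password_enabled"] == "true" and row["mfa_active"] != "true":
            findings.append((row["user"], "console access without MFA"))
        if row["access_key_1_active"] == "true":
            rotated = datetime.fromisoformat(row["access_key_1_last_rotated"])
            age = (now - rotated).days
            if age > MAX_KEY_AGE_DAYS:
                findings.append((row["user"], f"access key is {age} days old"))
    return findings

def audit_buckets(buckets):
    """Return (bucket, finding) pairs: public access not fully blocked, unencrypted."""
    findings = []
    for b in buckets:
        disabled = sorted(k for k, v in b["public_access_block"].items() if not v)
        if disabled:
            findings.append((b["name"], "public access not blocked: " + ", ".join(disabled)))
        if not b["encrypted"]:
            findings.append((b["name"], "no encryption at rest"))
    return findings

if __name__ == "__main__":
    now = datetime(2024, 6, 1, tzinfo=timezone.utc)
    for subject, finding in audit_iam(SAMPLE_REPORT, now) + audit_buckets(SAMPLE_BUCKETS):
        print(f"{subject}: {finding}")
```

Run on a schedule against fresh exports, the findings list doubles as the input to the periodic security audit described above.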