Cloud computing can completely transform the way organizations store and access data. However, with more and more businesses making the leap to cloud computing, the cloud is increasingly becoming an attractive target for hackers.
Regardless of whether you’re considering migrating to the cloud, or you’re already storing your data with a cloud provider, it’s vital that you’re aware of the security risks associated with cloud computing.
To help you use the cloud safely, we’re taking a look at the 6 biggest cloud security threats, and the steps your business can take to avoid them.
1. The $292 million data breach
A data breach occurs when sensitive or confidential information is released, stolen, viewed or used by an individual or organization who doesn’t have authorized access. A data breach can involve a wide range of information, including trade secrets, intellectual property, financial data, and privileged account information such as usernames and passwords.
The risk of a data breach isn’t unique to cloud computing, but it’s still one of the top concerns many businesses have when migrating to the cloud, as a data breach can have disastrous consequences for your business.
In November 2013, Target suffered an infamous data breach where hackers stole over 40 million customer names, credit and debit card numbers, expiration dates and CVV security codes. As news of the data breach spread, customers decided to take their business elsewhere during the lucrative holiday season, and Target ultimately reported a $292 million dollar loss as a result of the breach.
While the Target breach is an extreme example, a 2017 study by IBM Security and Ponemon Institute placed the average cost of a data breach at $3.62 million, so even if you experience a smaller breach, it may still end up costing you millions of dollars!
To help protect your business, it’s vital that you encrypt as much of your data as possible. The Target data breach had a huge financial impact on the company, but it could have been so much worse! Although customer debit card PIN data was stolen as part of the breach, this information was encrypted, so the hacker couldn’t simply start drawing money out of the victims’ bank accounts. Even if your data is stolen as part of a data breach, encryption can limit the amount of damage caused.
In addition, by encrypting your data you’re essentially making it worthless to hackers, which can reduce the chances of someone trying to hack your system in the first place.
2. Account hijacking
If a hacker gains access to one of your employee’s passwords, then they could potentially hijack that person’s account. Depending on the account’s permissions, the hacker may then be able to perform tasks such as reading, modifying and deleting your data, and eavesdropping on confidential company activities.
A hacker could even use a compromised account as the base for more aggressive attacks, for example releasing malicious code that appears to originate from a perfectly legitimate user account, and therefore doesn’t immediately strike anyone as suspicious.
To help protect yourself against account hijacking, it’s recommended that you implement multi-factor authentication (MFA) across your organization. MFA, sometimes referred to as 2-step verification, provides an additional layer of security, so that even if a hacker does manage to acquire an employee’s password, they’ll be unable to hijack any accounts.
You should also review how much data a hacker could access with a single hijacked account. According to the 2018 Global Data Risk Report, 21% of all folders inside an organization are open for everyone in the company to access, which means a hacker could potentially access all of these folders with a single hijacked account.
To minimize your risk, you should periodically review which employees have access to sensitive areas of your system, and then remove any permissions that are no longer required.
3. Malicious insiders: Protect your business against disgruntled employees
A malicious insider, also known as an insider threat, is anyone who has access to sensitive company information and an urge to intentionally exploit that access.
Malicious insiders are often motivated by financial gain, for example maybe a third party has offered them money in exchange for certain information, or they believe they can sell your company’s data online. Some malicious insiders may also be seeking revenge for some perceived slight, such as receiving a bad performance review or being passed over for promotion.
According to the 2018 Insider Threat Report, over 50% of organizations experienced an insider threat-based attack in the previous 12 months, and a 2018 study by the Ponemon Institute placed the average cost of a successful insider attack at $600,000.
To protect your business against this growing and potentially costly threat, you should carefully monitor your systems for any strange behaviour. In particular, be on the lookout for any data that’s moved unexpectedly, for example data that’s transferred to an external computer or network may indicate that an insider attack is underway.
Once again, it’s important to review the data that your employees can access. According to the 2018 Insider Threat Report, cybersecurity professionals named users with excessive access privileges as one of the three biggest enablers of insider attacks. To help keep your business safe, it’s recommended that you audit your user base once every six months, and revoke any unnecessary permissions or privileges.
4. APTs are no longer just a government threat
An advanced persistent threat (APT) is a parasitical cyberattack that remains undetected for an extended period of time. Once an attacker has established a foothold in your infrastructure, they’ll typically adapt to your unique security methods and blend in with normal traffic, by moving laterally through your data center networks.
A successful APT will pursue its goals stealthily over a period of time, whether that’s stealing, modifying or deleting data, or performing surveillance. Historically, APTs were used for political espionage, but today APTs are also deployed against non-government organizations.
If you’re going to detect possible APTs, then you need to establish your organization’s baseline data flow. Once you know what’s normal for your organization, you’ll be in a better position to identify the often-subtle changes that occur when an environment is compromised by an APT. APTs also often aggregate data before exporting it, so be on the lookout for blocks of data appearing in strange places.
Finally, generic phishing attacks aren’t uncommon, but you should be suspicious of targeted phishing attacks that contain keywords referring to real projects and important topics within your organization. If a targeted phishing email seems to know way more than it should, than this may indicate that an APT has infiltrated your computing infrastructure.
5. DoS attacks
A Denial-of-service (DoS) attack forces a cloud service to consume large amounts of system resources, such as processor power, network bandwidth and memory.
As the service becomes overloaded, legitimate users will be unable to access their data and applications, which can result in service outages and loss of productivity. In some instances, a DoS attack may result in financial losses and damage to your reputation, if you rely on the cloud to provide services to your customers.
You can help protect yourself against DoS attacks by monitoring your network traffic for anomalies, and implementing a business continuity plan, which will enable you to respond to DoS threats quickly and efficiently.
6. No-one’s perfect: Human error
Technology is advancing all the time, but your employees are always going to make mistakes, which can compromise even the most secure infrastructure.
Human error is a huge problem for cloud computing, with Jay Heiser, research vice president at Gartner, predicting that “through 2022, at least 95% of cloud security failures will be the customer’s fault.”
Your employees are inevitably going to make mistakes, but you can take steps to encourage them to take cloud security seriously.
Firstly, you need to ensure that everyone who has access to sensitive data, has received adequate training. If you’re considering migrating to the cloud, then we offer a range of training and support as part of our cloud migration packages. If you’re already a cloud user, then we can provide webinars and immersive training exercises that simulate the latest phishing, malware, and drive-by threat tactics, so you can be confident that your staff are equipped to handle all the major cloud security threats.
Once your employees know how to use the cloud safely, you’ll need to encourage them to put their training into practice. Just because an employee knows that a particular action is unsafe, doesn’t mean they won’t be tempted to use it as a shortcut or workaround when they’re facing a tight deadline!
To encourage responsible cloud usage, you should implement policies on cloud ownership and responsibility, so your employees know their actions are being tracked, and that there will be consequences for inappropriate cloud usage.
Take a look at our free E-book – 6 Common cybersecurity mistakes you can fix now!
Claim Your One Month FREE Trial of Microsoft 365 E5 Today.
Speak to a member of our team today 0114 292 2911 or email email@example.com if you need any assistance.
Share this article on social media
If you found this article useful, please share it on social media.
Subscribe to our blog…
We will only use your email to send you new blog posts.