The CSA (Cloud Security Alliance) has identified a set of major threats in cloud computing, and its list has been accepted worldwide. This article walks through those major threats and will be of use to those trying their luck in this field.
Data breaches have become the worst nightmare for most CIOs. Lab experiments have shown that a user operating on one VM can intrude on a user on another VM. An intrusion like this can be devastating, because breaking into the cloud means breaking into the most precious data.
Because the cloud is a shared system, the database must be designed so that even if one user's database is reached, the others cannot be easily accessed. The cloud also creates regular copies of data, and the more copies there are, the more vulnerable CIOs become.
Data loss is different from a data breach. A data breach results from a malicious attack by an external source, whereas data loss is the loss of data when the drive storing it crashes, or through any other accidental drive failure, with no backup available. Keeping an encrypted database and losing the encryption key is another cause of data loss. This is why backups are needed: losing all data is terrifying and may reduce a running enterprise to ashes.
Even data stored in encrypted form can be reached and modified by an attacker, so keep a backup in case of any possible attack.
Whatever happens, if a backup exists, data loss will not cause much harm.
Data manipulation is another major threat in the cloud world. It is a serious concern because the multinational company Amazon suffered it, and a lot of precious information was compromised, affecting the company's reputation and trust value. An attacker who has entered a cloud virtual machine can manipulate the data or insert harmful code to compromise the data and extract banking details too. Access to the virtual machine gives the attacker many options, such as shutting down the website, capturing information from incoming users and changing the website's content, since the system is wide open to the intruder.
It is very difficult to stop a malicious attack once the attacker is inside the system, but preventive measures can be taken beforehand, such as not sharing account credentials with any other users, including trusted business partners, and using two-factor authentication at all possible sites. Two-factor or multi-factor authentication requires answers to questions or values that only the user knows. For example, when a payment is made, ask for the card number, PIN and OTP along with the username and password. This keeps the account safe from malicious attackers.
Since APIs can be accessed from anywhere on the Internet, the cloud becomes vulnerable for users who access it through an API. If the token or code a user uses to access the cloud account through the API is compromised, it becomes quite easy for the attacker to enter the API and start the manipulation.
So, APIs must be built to be secure and to raise alerts in order to prevent such attacks.
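One way to limit what a compromised token allows and to notice when forged or expired tokens are being tried, shown as an added example that is not part of the original article. The signing key, the alert threshold, the source addresses and the function names are assumptions for illustration.

```python
import base64
import hashlib
import hmac
import json
import time
from collections import Counter

KEY = b"constructed-demo-signing-key"  # assumption: server-side secret only
ALERT_AFTER = 3                        # assumption: failures before alerting
FAILURES = Counter()                   # failed verifications per source

def _sign(body: bytes) -> str:
    return hmac.new(KEY, body, hashlib.sha256).hexdigest()

def issue_token(user, scope, ttl=300, now=None):
    """Short-lived, scoped token: a stolen copy expires and stays in scope."""
    issued = int(time.time() if now is None else now)
    claims = {"sub": user, "scope": scope, "exp": issued + ttl}
    body = base64.urlsafe_b64encode(json.dumps(claims).encode())
    return body.decode() + "." + _sign(body)

def verify_token(token, needed_scope, source, now=None):
    """Return (claims, alert). claims is None when the token is rejected;
    alert turns True once one source has failed ALERT_AFTER times."""
    now = int(time.time() if now is None else now)
    try:
        body, sig = token.rsplit(".", 1)
        # Check the signature before parsing anything the client controls.
        if not hmac.compare_digest(_sign(body.encode()).encode(), sig.encode()):
            raise ValueError("bad signature")
        claims = json.loads(base64.urlsafe_b64decode(body))
        if claims["exp"] <= now:
            raise ValueError("expired")
        if needed_scope not in claims["scope"]:
            raise ValueError("scope not granted")
        return claims, False
    except (ValueError, KeyError, TypeError, AttributeError):
        FAILURES[source] += 1
        return None, FAILURES[source] >= ALERT_AFTER
```
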
DoS (Denial of Service) refers to an attempt to make a machine unavailable to its incoming or interested users. This kind of attack hampers the service by preventing users from visiting the site and destroying its traffic. The main concern with this type of attack is that the service is still billed for all the resources consumed by the incoming traffic, even while it is compromised. It is also very difficult to separate the good, legitimate traffic from the bad. A DoS attack involves:
Consumption of resources like bandwidth, disk space, memory etc.
Interference in routing information
Interference in physical network components
Destruction of communication media between the victim and genuine users
Increasing processor usage to halt any type of work on it
Errors in the operating system that cause resource starvation or crash the operating system as a whole
It is not new to hear of employees being responsible for a mess within the company that leads to big losses. Employees often have access to the cloud services, and that access can be abused to reach confidential information and pass it to competitors. Employees may also look up users' information without being noticed.
So, if services run in the cloud, both the users and the provider need to keep the data encrypted and within their vicinity to avoid a breach. It is also necessary to keep updating passwords and to keep a keen eye on the cloud system to catch any kind of compromise.
Data must be transmitted from the client's account to the cloud over an encrypted channel, so that an attacker cannot intrude on the communication channel and manipulate the data. The channel may be SSL/TLS, which may prevent various attacks and protects the data.
Sometimes vendors bring cloud technology into their business without taking ample time to understand and implement it. As everyone knows, incomplete knowledge may lead to destruction.
Adding cloud services requires good knowledge and an efficient team to avoid malicious attacks and compromises of data and accounts.
So, instead of rushing after cloud services and putting one's own database and clients' databases at risk, one must gather all the information, apply all the risk measures with a team that monitors regularly, and only then start the service to get a better response.
When a vendor creates an account for a client on the cloud, the vendor is well aware of how to keep it secure. So, the vendor needs to inform or educate its clients about the different attacks, the weak points and risks involved, how to keep passwords personal and much more, to avoid attacks caused by lack of knowledge.
This must be taken seriously because, the cloud being a shared service, it is quite possible that if one account is compromised, the whole cloud can be too. So, a properly employed team may hold sessions for newly joining clients.
Cloud services run on a shared basis, where multiple VMs run on the same hardware under hypervisors. Gaining easy entry into one VM may allow the intruder to attack the associated VMs easily and also destroy the hypervisors. Through an open attack on SaaS, it becomes very easy for the attacker to gain access to applications running on the same VM. The same happens at the lower layers, where the attacker targets the hypervisors to gain access to all the associated VMs and thereby gets authorized access to the database.
Regular monitoring may help avoid this situation, which requires employing an efficient team.
To use cloud services, one needs to log in and use cards to make payments. This makes it very easy for attackers who enter the panel to use the payment methods, which include PayPal, Western Union etc., where the card details are already entered and can be used easily. This can be avoided only by opening your account regularly to keep watch and immediately complaining if anything malicious occurs.