The CSA (Cloud Security Alliance) has identified a set of major threats to consider in cloud computing, and its list has been accepted worldwide. This article will help you track those major threats. It will be of use to those who are trying their luck in this field.
Data breaches have become the worst nightmare for most CIOs. Lab experiments have shown that a user operating on one VM can intrude on a user on another VM. Something like this undermines the whole system, because intruding on the cloud means intruding on the most precious data.
Because the cloud is a shared system, the database must be designed so that even if one user's database is reached, another user's cannot be easily accessed. The cloud also creates regular copies of the data, and many copies make CIOs more vulnerable.
Data loss is different from a data breach. Where a data breach results from a vengeful attack by an external source, data loss refers to losing data through the crash of the drive storing it, or any other accidental drive crash, with no backup available. Keeping an encrypted database and losing the encryption key is another cause of data loss. This is why backups are needed: losing all the data is terrifying and may bring a running enterprise to ashes.
Even data stored in encrypted form can be intruded on and modified by an attacker, so keep a backup in case of any possible attack.
Whatever happens, if a backup is kept, data loss will not cause much harm.
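The point about modified encrypted data and backups, as an added example that is not part of the original article: a keyed tag over each stored copy lets a reader detect modification and fall back to an intact backup. The use of HMAC-SHA256 and the names `seal`, `unseal` and `read_with_fallback` are assumptions made for this sketch, and the key and data are constructed.

```python
import hashlib
import hmac

TAG_LEN = 32  # bytes in an HMAC-SHA256 tag

def seal(key, blob):
    """Append an HMAC-SHA256 tag so later modification can be detected."""
    return blob + hmac.new(key, blob, hashlib.sha256).digest()

def unseal(key, sealed):
    """Return the original blob if its tag verifies, otherwise None."""
    if len(sealed) < TAG_LEN:
        return None
    blob, tag = sealed[:-TAG_LEN], sealed[-TAG_LEN:]
    expected = hmac.new(key, blob, hashlib.sha256).digest()
    return blob if hmac.compare_digest(tag, expected) else None

def read_with_fallback(key, primary, backups):
    """Return (source, blob) from the primary copy, or the first intact backup."""
    blob = unseal(key, primary)
    if blob is not None:
        return "primary", blob
    for index, copy in enumerate(backups):
        blob = unseal(key, copy)
        if blob is not None:
            return f"backup[{index}]", blob
    raise ValueError("no intact copy available")

# Constructed sample data: the key and the "ciphertext" are placeholders.
MAC_KEY = b"constructed-demo-key"
CIPHERTEXT = bytes(range(64))

def demo():
    """Flip one bit in the primary and in one backup, then read."""
    good = seal(MAC_KEY, CIPHERTEXT)
    tampered = bytearray(good)
    tampered[5] ^= 0x01
    return read_with_fallback(MAC_KEY, bytes(tampered), [bytes(tampered), good])

if __name__ == "__main__":
    print(demo()[0])
```

The tag key has to be stored apart from the data and included in the backup plan, for the same reason the article gives about a lost encryption key.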
Data manipulation is another major threat in the cloud world. It is a serious concern because one multinational company, Amazon, suffered it, and a lot of precious information was compromised, affecting the company's reputation and trust value. An attacker who has entered a cloud virtual machine can manipulate the data or insert harmful code into it to compromise the data and extract banking details too. Entering the cloud virtual machine gives an attacker many options, such as closing the website, compromising information from incoming users, changing the website's information, and much more, since the system is open to the intruder.
It is very difficult to stop a malicious attack once it has entered the system, but preventive measures can be followed from the start: do not share account credentials with any other users, including trusted business partners, and use two-factor authentication at all possible sites. Two-factor or multi-factor authentication refers to requiring answers to questions or variables which only the user knows. For example, when a payment is made, ask for the card number, PIN, and OTP along with the username and password. This keeps the account safe from vengeful attackers.
Since APIs are very easy to access from anywhere on the Internet, the cloud becomes vulnerable for users who access it through an API. If a token or code that the user uses to access the cloud account through the API is compromised, it becomes quite easy for the attacker to enter the API and start the manipulation.
So, the API must be made secure and alert to prevent such attacks.
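One way an API can be made "alert" to a compromised token, as an added example that is not part of the original article: flag a token that is suddenly used from a different source address shortly after its last use. The log format, the 15-minute window and the function name `find_token_alerts` are assumptions, and the log lines are constructed.

```python
from datetime import datetime, timedelta

# Constructed sample log: timestamp, token id, source IP, method, path.
SAMPLE_LOG = """\
2024-05-01T10:00:00 tok_a1 198.51.100.7 GET /v1/files
2024-05-01T10:02:10 tok_a1 198.51.100.7 GET /v1/files/42
2024-05-01T10:03:30 tok_b2 203.0.113.20 GET /v1/files
this line is malformed
2024-05-01T10:04:00 tok_a1 192.0.2.99 DELETE /v1/files/42
2024-05-01T18:30:00 tok_b2 203.0.113.21 GET /v1/files
"""

def find_token_alerts(log_text, window=timedelta(minutes=15)):
    """Flag a token used from a different IP within `window` of its last use."""
    last_seen = {}  # token id -> (timestamp, ip) of the most recent request
    alerts = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue  # skip malformed lines
        stamp, token, ip, method, path = parts
        try:
            when = datetime.fromisoformat(stamp)
        except ValueError:
            continue  # skip lines whose timestamp does not parse
        previous = last_seen.get(token)
        if previous and previous[1] != ip and when - previous[0] <= window:
            alerts.append({
                "token": token,
                "at": stamp,
                "old_ip": previous[1],
                "new_ip": ip,
                "request": f"{method} {path}",
            })
        last_seen[token] = (when, ip)
    return alerts

if __name__ == "__main__":
    for alert in find_token_alerts(SAMPLE_LOG):
        print(alert)
```

A token that moves to a new address hours later, like `tok_b2` in the sample, is not flagged; the window is a tuning choice, not a value from the article.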
DoS, aka Denial of Service, refers to an attempt to make a machine unavailable to its incoming/interested users. This kind of attack hampers the service by preventing users from visiting the site and destroying the traffic. The main concern with this type of attack is that the service is still billed, even while compromised, for all the resources used by the incoming traffic. It is also very difficult to separate the good, legitimate traffic from the bad. DoS attack involves the
Errors in the operating system that cause resource starvation or crash the operating system as a whole.
It is not new to hear of employees being responsible for a mess inside the company that leads to big losses. Employees may well have access to the cloud services, which can then be breached to reach confidential information and pass it on to competitors. Employees may also find out information about users without being noticed.
So, if services are running on the cloud, it becomes necessary for users and providers to keep the data encrypted and within their vicinity to avoid a breach. It is also necessary to keep updating passwords and to keep a keen eye on the cloud system to catch any kind of compromise.
Data must be transmitted from the client's accounts to the cloud through an encrypted channel, so that an attacker cannot intrude on the communication channel and manipulate the data. The communication channel may be SSL/TLS, which may prevent the different attacks and protect the data.
Sometimes vendors start including cloud technology in their business without taking ample time to understand and implement it. As everyone knows, incomplete knowledge may lead to destruction.
Adding cloud services requires good knowledge and an efficient team to avoid malicious attacks and data and account compromises.
So, instead of running after cloud services and putting one's own database and clients' databases at risk, one must gather all the information, apply all the risk measures with a regular monitoring team, and only then start the service to get a better response.
When a vendor creates an account for a client on the cloud, the vendor is well aware of how to keep it secure. So, the vendor needs to inform or educate its clients about the different attacks, the weak points and risks involved, how to keep passwords personal, and much more, to avoid attacks caused by lack of knowledge.
This must be taken seriously because, the service being shared, if one account is compromised the whole cloud can be too. So, a properly employed team may hold sessions for newly joining clients.
Cloud services run on a shared basis, where multiple VMs run on the same hardware under hypervisors. Gaining easy entry to one of the VMs may allow the intruder to attack the associated VMs easily and also destroy the hypervisors. Due to open attacks on SaaS, it becomes very easy for the attacker to get access to applications running on the same VM. The same happens at the other, lower layers, to attack the hypervisors and gain access to all the associated VMs, thus getting the authorized access to the database.
Regular monitoring, which requires employing an efficient team, may help to avoid this situation.
To use cloud services, one needs to log in and use cards for making payments. It becomes very easy for attackers who enter the panel to use the payment methods; these involve payment through PayPal, Western Union, etc., where the card details are already entered and can be used easily. This can be avoided only by opening your account regularly to keep a regular watch, and complaining immediately if anything malicious occurs.