share

The top 3 cloud security challenges

Posted by Rudy Mitra on Dec 29, 2019 10:04:50 AM
Rudy Mitra
Find me on:

The top 3 cloud security challenges

Advances in technology bring with them a host of challenges, and we’ve seen that more than ever before in the past year. Here are our top three that we have seen to be confronting IT teams around Australia.

 

Weak security configuration

When services or resources are left open attackers may steal information or interact with systems that should never be seen.

The best-known example of weak security configurations causing issues for enterprises was Amazon's S3 bucket storage. Historically many companies configured their S3 buckets to be public, indeed this was the default behaviour when creating a bucket. While it now defaults for buckets to be created with restricted access, “open buckets” are still common. When attackers find these open buckets, they can steal any of the information stored inside, bad news if this is sensitive information for the bucket’s owner!

It is important not to assume that attackers will not be able to identify or check the access permissions of your cloud resources.

 

Insecure application programming interfaces (APIs)

APIs are used by businesses to allow customers to interact with information from cloud services, for example your CRM will allow you to use APIs to integrate marketing or accounting software and seamlessly transfer information from platform to platform with an added layer of automation. This increases accuracy and decreases manual workloads.

APIs use encryption to protect the information being transferred, but as HP puts it, they are the public front door to your application. Typically, they’re also well documented, giving away information about internal structures that would be incredibly useful for hackers to know.

Secure coding methodologies are required to avoid code being released into production before it has been adequately tested, allowing for malicious users to exploit vulnerabilities or implement attacks such as man-in-the-middle vectors.

 

Denial of service (DoS)

Denial of service (DoS) attacks are different from malware or viruses in that they don’t require a special program to run to achieve their goal. Instead, they rely on communication between networks in order to undertake their malicious activity.

 

DoS attacks generally fall into two categories:

Flooding attacks: the most common type of DoS attack, they occur when a server is sent a huge amount of traffic that is beyond its ability to cope with. The system will then eventually fail. 

A ping flood (or ICMP flood) sends spoofed packets of information to a network’s computers intending to find a misconfigured network device, while an SYN flood exploits vulnerabilities in TCP connection sequences, leaving connected ports unusable until the system is overwhelmed and forced to shut down.

Crash attacks: Less common than flooding attacks, crash attacks are much like you’d expect them to be – they occur when cyber criminals exploit flaws to crash a system. 

Shutting down systems can halt business activity quickly. Imagine not being able to access Netflix or your favourite online store. Annoying, right? What if it was your bank account that went offline? The repercussions for brands can be long-lasting from a reputational standpoint and that’s not something any business would want to face.

 

But how do you stop it happening to you?

Recognising the challenges that come from cloud usage will allow you to confidently take advantage of the positive aspects.

Making cyber security a priority for your business will ensure you have more uptime for your systems and create a better reputation for your brand. Here at The Missing Link, we’ve been looking after the security needs of businesses for a number of years. If there’s a problem, we’ll know the solution. Contact us today and take a weight off your shoulders when it comes to cloud security.

 

If you liked this article, you may also like:

The challenges of running a modern Security Operations Centre

Insider threats: types and attack detection you need to know for prevention

The psychology of passwords: beating the hackers and keeping your information safe

AUTHOR

Rudy Mitra

Digital Marketing Coordinator

Resource

If your network future-proofed?

GRAB A COPY
UP NEXT

The risky world of malicious AI

Artificial intelligence (AI) is capable of increas...

What do you do after a data breach

Data breaches are the stuff that IT manager’s nigh...

The Missing Link wins BSides Canberra '19

At the beginning The Missing Link took a road trip...