Top 15 Cloud Security Threats, Risks, Concerns and their Solutions
The rapid growth of cloud computing in recent times has been transformative on a global scale. However, it has also brought forth numerous security challenges and threats.
The increasing use of the public cloud, which involves very large volumes of data, is leading to growing cloud security issues and risks.
CSA Survey Findings
The Cloud Security Alliance (CSA), which aims to promote the best practices for cloud security, recently conducted a survey of industry experts pertaining to the greatest security issues in cloud computing.
The survey results indicate the possibility of several critical issues such as data breaches, unauthorized access to data resulting from inadequate identity and access management, insecure APIs, service hijacking, Advanced Persistent Threats (APTs) and Denial of Service (DoS), among others.
Security Issues in Cloud Computing and Their Resolution
1) Data Breaches
A data breach involves the release of protected or confidential information to unauthorized individuals or groups. These can result from targeted attacks or even poor security practices, application vulnerabilities or human error.
The vast amount of data hosted by Cloud Service Providers (CSPs) makes them susceptible to the risk of data breaches. While cloud providers take responsibility for their services, the customers or businesses are also responsible for protecting their own data.
Multifactor authentication and encryption are two of the security measures that ensure protection against data breaches.
2) Inadequate Identity and Access Management
Attacks and security breaches can also result from failure to use multifactor authentication, lack of ongoing automated rotation of cryptographic keys and certificates, and weak passwords.
Lack of scalable identity and access management systems also contributes to unauthorized data access. Multifactor authentication systems such as smartcard, OTP and phone authentication can go a long way in addressing this issue.
For legacy systems that rely on passwords alone, the authentication system should support the enforcement of policies for strong password usage and an organization-defined rotation period.
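The checks described in this section (missing multifactor authentication, keys and passwords that outlive the rotation period) can be automated against an identity inventory. The following is an added example, not part of the original article; the CSV column names, the sample rows and the 90-day rotation period are assumptions made for illustration.

```python
import csv
import io
from datetime import date

# Constructed sample inventory (hypothetical columns, not any provider's export format).
SAMPLE_REPORT = """user,mfa_enabled,password_last_changed,key_created
alice,true,2024-05-01,2024-04-20
bob,false,2023-01-15,2023-02-01
ci-deploy,false,,2022-11-30
carol,true,2023-09-10,
"""

ROTATION_DAYS = 90  # assumed organization-defined rotation period


def _age_days(value, as_of):
    """Age in days of an ISO date string, or None when the credential does not exist."""
    return (as_of - date.fromisoformat(value)).days if value else None


def audit_identities(report_csv, as_of, rotation_days=ROTATION_DAYS):
    """Return sorted (user, finding) pairs for identities that violate the policy."""
    findings = []
    for row in csv.DictReader(io.StringIO(report_csv)):
        user = row["user"]
        has_password = bool(row["password_last_changed"])
        mfa = row["mfa_enabled"].strip().lower() == "true"
        # Password-based (interactive) logins must have a second factor.
        if has_password and not mfa:
            findings.append((user, "password login without MFA"))
        # Passwords older than the rotation period (the legacy, password-only case).
        pw_age = _age_days(row["password_last_changed"], as_of)
        if pw_age is not None and pw_age > rotation_days:
            findings.append((user, f"password not rotated for {pw_age} days"))
        # Long-lived keys that were never rotated.
        key_age = _age_days(row["key_created"], as_of)
        if key_age is not None and key_age > rotation_days:
            findings.append((user, f"key not rotated for {key_age} days"))
    return sorted(findings)


if __name__ == "__main__":
    for user, finding in audit_identities(SAMPLE_REPORT, as_of=date(2024, 6, 1)):
        print(f"{user}: {finding}")
```

Passing a fixed `as_of` date keeps the result reproducible; a scheduled run would pass `date.today()` instead.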
3) Insecure APIs
As Application Programming Interfaces (APIs) enable the provisioning, management and monitoring of cloud services, their security is of prime importance. The interfaces must be designed to withstand malicious attempts to circumvent authentication, access control, encryption and activity monitoring.
4) System Vulnerabilities
By exploiting system vulnerabilities or bugs, attackers can infiltrate and take control of systems and disrupt service operations.
To reduce the security gaps and mitigate the damage caused by system vulnerabilities, installation of security patches or upgrades, regular vulnerability scanning and following up on reported system threats are mandatory.
5) Account or Service Hijacking
Service hijacking includes attack methods such as phishing, fraud and exploitation of software vulnerabilities that enable attackers to misuse account access, steal data, impact cloud services and systems, and damage the organization's reputation.
Wherever possible, organizations should prohibit the sharing of account credentials among users and leverage strong two-factor authentication techniques.
6) Malicious Insider Threats
The threat caused by insiders with malicious intent, who might be system administrators having access to critical systems and sensitive information, can have a tremendous impact on a company’s security.
To control this, the CSP needs to ensure effective policies, segregation of duties and proper logging, auditing and monitoring of administrators’ activities.
7) Advanced Persistent Threats (APTs)
Advanced Persistent Threats (APTs) steal data and Intellectual Property (IP) by infiltrating the IT systems of target companies. The common points of entry for APTs are spear-phishing, direct hacking of systems and use of unsecured or third-party networks.
Though APTs are difficult to detect and eliminate, they can be restricted with proactive security measures.
8) Malware Injection
Malware injection attacks are becoming a major security concern in cloud computing. These attacks insert malicious scripts or code that enable attackers to eavesdrop, steal data and compromise the integrity of sensitive information.
9) Data Loss
Data loss can occur because of multiple reasons such as a catastrophe like fire or earthquake, or even accidental deletion by the CSP. To avert this, both the providers and the users need to ensure proper data backup measures and follow the best practices pertaining to disaster recovery and business continuity.
10) Insufficient Due Diligence
Organizations need to perform the necessary due diligence and develop a proper roadmap before adopting cloud technologies and selecting the cloud providers, failing which they might be exposed to several security risks.
11) Poor IP Protection
Safeguarding IP demands the highest encryption and security protocols. In addition to identification and classification of IP for determining potential security risks, vulnerability assessment and appropriate encryption must be carried out.
12) Abuse of Cloud Services
Malicious attacks can also result from issues such as unsecured cloud service deployments, fraudulent account sign-ups and free cloud service trials. Large-scale automated click fraud, hosting of malicious or pirated content, launching distributed DoS attacks, phishing campaigns and email spam are some examples of the misuse of cloud-based resources.
13) DoS Attacks
Denial-of-Service (DoS) attacks cause the consumption of disproportionately large amounts of system resources including memory, disk space, network bandwidth and processor power by the targeted cloud services, thereby preventing the users from accessing their data and applications.
14) Vulnerabilities Caused by Shared Technology
CSPs deliver scalable services by sharing infrastructure, applications and platforms without substantial alterations to the off-the-shelf hardware and software.
If the underlying components such as CPU caches and GPUs do not offer strong isolation properties for a multitenant architecture (IaaS), multi-customer applications (SaaS) or redeployable platforms (PaaS), it could lead to shared technology vulnerabilities.
15) Communication with CSPs
Customers need to define the exact security requirements in the Service Level Agreements (SLAs) with CSPs. They can use the CSA Security, Trust and Assurance Registry (CSA STAR) as a reference for understanding the security controls offered by CSPs.
CSPs also need to provide details on how they protect multi-tenant boundaries and ensure PCI and Federal Information Security Management Act (FISMA) compliance.