Cloud Security: Why It Should Be Your Top Priority
It seems that the numerous benefits of cloud computing make the disruption of digital transformation worthwhile. However, a recent torrent of automated attacks on cloud infrastructure’s vulnerabilities has precipitated a somewhat gloomy outlook.
For example, Xbash – an advanced, data-destructive malware strain that combines crypto mining, ransomware and botnet capabilities – was identified in September 2018. How can organizations that have come to depend on the cloud for the smooth running of their business fight against the ever-changing cyber threat landscape?
“Cloud security has never been more critical,” warns Max Heinemeyer, director of threat hunting at Darktrace. “Xbash is a very sophisticated example of an automated attack because it can target both Linux and Windows servers, and has multiple payloads.
“Automated attacks against Internet-facing infrastructure, like Xbash, are not new. What has changed is that the number of devices that are Internet-facing and potentially vulnerable has increased exponentially. This is in no small part due to the advent of the cloud. Attackers are innovating rapidly, and we can expect attacks on the cloud to get faster and more furious.”
Hardik Modi, senior director of threat intelligence at Netscout, expands upon this worrying theme.
“There are numerous instances of such open-source packages like Hadoop, Mongo and ElasticSearch which remain exposed to the internet, and there have been waves of reports of installations that have been exploited and encrypted,” he says. “This can have severe consequences for businesses of all sizes since they may not be in a position to recover such data.
“Indeed, our telemetry shows a Hadoop YARN installation is attacked about once a minute. A vulnerable installation would be attacked immediately. These measures vary wildly across the industry and as a result, there remain huge exposures for the internet ecosystem at large.”
Alarming figures illustrate the growing issue.
“In January, 1.8 billion records were leaked online,” says Dr. Guy Bunker, senior vice president of data security organization Clearswift. “Today it is possible to collect and analyze billions of pieces of sensitive data in almost no time at all. It can be transferred across the internet to a partner who shares it with another and another.
“These large datasets are not only useful for business, but they are also a honeypot for cybercriminals who will steal it and then sell the information on the dark web. Security is only as strong as the weakest link.”
Adam Philpott, McAfee’s president, Europe, Middle East and Africa, points out C-suite ignorance.
“We currently estimate that the average organization generates over 3.2 billion events per month in the cloud, of which 3,217 are anomalous and 31.3 are actual threat events,” he says.
“Also, most organizations underestimate how many cloud services they actually use, with the average using approximately 1,935, a figure that has seen a 15% growth from last year. In contrast, the average organization thinks it uses just 30 cloud services.”
According to Gartner, the number of connected devices is expected to rise to 20 billion by next year; organizations will use some 40% of these, and each one opens up a new vulnerability. Gartner also projects worldwide public cloud growth of 17% this year. How then can organizations maintain adequate cybersecurity in this increasingly vicious online war zone?
Improving general cyber-hygiene and providing significantly greater education in this area, from top to bottom of an organization’s hierarchy, are imperative.
Adam Louca, the chief technologist for security at IT infrastructure provider Softcat, says:
“The current cybersecurity skill-gap means defending cloud infrastructure from compromise is one of the biggest challenges of modern business.
“Cloud companies must do more to educate their customers on best-practice security configuration. Businesses must continue to invest in security skills training, and onboard new talent to close the widening gap between their security needs and the resources they have to protect themselves.”