Cloud computing has become ubiquitous for many companies but keeping it secure can be a challenge.
Cloud Security Alliance Asia Pacific executive council chairman Ken Low shared the alliance’s top nine threats to the cloud at a Trend Micro event in Sydney.
9: Shared technology vulnerabilities
“In 2014, we have seen some of the most critical vulnerabilities such as Heartbleed which affected OpenSSL. That allowed people access to encrypted data,” said Low.
There was also the discovery of the Shellshock vulnerability which affected the Bash shell.
“Cloud service providers can scale their services by sharing infrastructure default to applications but the lack of strong isolation properties in monitored environments make them vulnerable,” said Low.
He said that virtual patching can stop shared technology vulnerabilities.
“Launching without patching is like jumping into a hole. Patching is not easy but you can set up patch management. This needs to be done on a weekend because when Monday comes everyone wants the system up and running.”
8: Insufficient due diligence
The rush to the cloud for cost reductions or efficiencies can sometimes result in a lack of operational responsibilities, said Low.
“One good example is incident response. You don’t know what to do after the attack and that is important because you need to contain the damage and restore services as soon as possible.”
“Those responses need to be clearly specified with your vendors and top service providers. Forensics is important because we want to save your systems and know who did it,” he said.
7: Abuse of cloud services
The use of cloud services to launch distributed denial of service (DDoS) attacks, malware or distribute pirate software has become prevalent according to Low.
“It is very important that we invest in advanced tracking tools to identify attacks that are highly evasive. Attackers will study you over a long period of time to understand the loopholes in the system.”
6: Malicious insiders
Having the right set of access controls and encryption keys will help organisations avoid the problem of malicious insiders stealing data, said Low.
“Someone who is working for you today could be a competitor tomorrow.”
5: Denial of service attacks
Read more: Data sovereignty or data protectionism?
With mobile devices and distributed computing, denial of service attacks have become easier. Low recommended that companies use bandwidth protection so that they can shut down suspicious traffic that is taking up bandwidth.
“Virtual patching is important because DDoS attacks employ the use of infected PCs. If you have virtual patching you can close that gap and make sure work computers are not compromised.”
4: Insecure interfaces and APIs
As you are rolling out cloud services, make sure the handover between one software application and another is done in a secure manner.
“This data needs to be encrypted from end to end. Make sure your applications go through proper testing and validation,” said Low.
3: Account service traffic hijacking
Hackers sometimes use a well-known site which appears trusted but there has been a cross scripting attack.
Low said that enterprises should use proper threat prevention and identify malicious URLs that employees should not click.
2: Data loss
Cyber attacks are targeted at this area and disasters are becoming a reality. Enterprises need to make sure they have proper vulnerabilities in place. If you lose your master key your data is gone, warned Low.
1: Data breaches
Attacks using keys from another virtual machine has been identified as a number one trend by the CSA.
“A lot of this has to do with the fact that your virtual machines are not well protected. With virtualization you have a shared platform so you need to make sure every VM is protected. Think of it as an onion, security from the inside out.”
Follow Hamish Barwick on Twitter: @HamishBarwick
Follow Computerworld Australia on Twitter: @ComputerworldAU, or take part in the Computerworld conversation on LinkedIn: Computerworld Australia