Cloud Computing – 2022 Top Threats – part 4
Cloud service platforms may have weaknesses, known as “system vulnerabilities,” that could be taken advantage of by malicious actors. These vulnerabilities can pose a threat to the confidentiality, integrity, and availability of data, potentially leading to disruption in service operations. Every aspect of the system could contain vulnerabilities that could make cloud services susceptible to attack. To reduce the risks associated with these vulnerabilities, it’s crucial to implement security measures that address the various types of vulnerabilities.
There are four main types of system vulnerabilities:
Zero-day vulnerabilities are security weaknesses in software or systems that are unknown to the software vendor or to antivirus vendors, so there is no patch or fix available to protect against them. As soon as the vulnerability is discovered, it becomes a race between the software vendor and the attackers to see who can address the issue first. If the attackers can exploit the vulnerability before a patch is released, they have a “zero-day” advantage.
Zero-day vulnerabilities are highly sought after by both state-sponsored hackers and criminal organizations, as they can be used to launch devastating attacks that are difficult to detect and prevent. Therefore, it’s important for organizations to keep their systems and software up to date with the latest security patches and to use multiple layers of security to protect against zero-day threats.
Missing security patches – When security patches are released to address critical vulnerabilities, it’s important to implement them promptly to minimize the risk of attack. As new vulnerabilities are discovered and patches become available, unpatched vulnerabilities accumulate, increasing the overall security risk of the system. To reduce this risk, it’s important to regularly check for and apply new patches to ensure the system’s security.
Configuration-based vulnerabilities occur when a system is set up with incorrect or outdated settings. This can include using outdated security protocols, weak encryption ciphers, weak permissions, and unprotected system management interfaces. Another example is running unnecessary services on the system. All these issues can create security vulnerabilities that can be exploited by attackers. To reduce the risk of these vulnerabilities, it’s important to properly configure systems and to regularly review and update their configurations to ensure that they are secure.
Using weak or default credentials makes systems vulnerable to unauthorized access, data theft, and malware spread. Attackers can easily guess or obtain these credentials, making it easier for them to compromise systems. It is important to use strong and unique credentials and regularly update them to ensure security.
The IBM Cost of Data Breach 2021 Report showed that 14% of data breaches studied were caused by vulnerabilities in third-party software, while cloud misconfiguration and compromised credentials accounted for 20% and 15% respectively. Data breaches can have significant consequences for businesses, disrupting operations and potentially damaging their reputation, leading to a loss of customers and revenue. It’s important for organizations to take steps to prevent data breaches by addressing vulnerabilities and properly securing their systems and data.
Accidental Cloud Data Disclosure
Cloud services offer companies unprecedented speed and agility in their efforts to build, innovate, and scale. However, the complexity of the cloud and the decentralization of cloud ownership to various teams and departments can lead to a decreased focus on security governance and control. With the growing number of configurations for cloud resources across different cloud service providers, misconfigurations are becoming increasingly common, and the lack of visibility into cloud inventory and network exposure can result in unintentional data breaches. To mitigate these risks, it is crucial for organizations to establish strong security governance and control measures.
A significant number of companies still have publicly accessible databases that are vulnerable to attack. Over 55% of these organizations have at least one database that is openly exposed on the internet, frequently with weak passwords or lacking authentication, making them an easy target for attackers who actively scan the web in search of these vulnerable databases.
In 2020, attackers were able to compromise Elasticsearch servers due to weak passwords and a lack of authentication, leading to widespread data exposure. The speed at which these servers could be breached, with some being compromised in just eight hours, highlights the need for organizations to address security vulnerabilities in their systems as quickly as possible.
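The exposure described above (data stores reachable from the internet, sometimes without authentication) can be checked for in an inventory of ingress rules. The following is an added example, not part of the original article: the resource names, the rule fields (`cidr`, `from_port`, `to_port`, `auth_enabled`) and the inventory itself are constructed, and the port list reflects common default ports rather than anything stated on this page.

```python
import ipaddress

# Common default ports for data stores (general knowledge, not from the article).
DB_PORTS = {9200: "Elasticsearch", 27017: "MongoDB", 6379: "Redis",
            5432: "PostgreSQL", 3306: "MySQL"}

# Constructed sample inventory: hypothetical resources and rule fields.
INVENTORY = [
    {"name": "search-prod", "auth_enabled": False,
     "ingress": [{"cidr": "0.0.0.0/0", "from_port": 9200, "to_port": 9300}]},
    {"name": "orders-db", "auth_enabled": True,
     "ingress": [{"cidr": "10.20.0.0/16", "from_port": 5432, "to_port": 5432}]},
    {"name": "cache-dev", "auth_enabled": True,
     "ingress": [{"cidr": "::/0", "from_port": 0, "to_port": 65535}]},
    {"name": "web-front", "auth_enabled": True,
     "ingress": [{"cidr": "0.0.0.0/0", "from_port": 443, "to_port": 443}]},
]

def is_internet_wide(cidr):
    """True when the CIDR admits every address (prefix length 0: 0.0.0.0/0 or ::/0)."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0

def audit(inventory):
    """Return (resource, port, service, severity) for data-store ports open to everyone."""
    findings = []
    for res in inventory:
        for rule in res["ingress"]:
            if not is_internet_wide(rule["cidr"]):
                continue  # only rules that admit the whole internet are reported
            # A wide port range can cover several data-store ports at once.
            exposed = sorted(p for p in DB_PORTS
                             if rule["from_port"] <= p <= rule["to_port"])
            for port in exposed:
                # An open port with no authentication is the worst case.
                severity = "high" if res["auth_enabled"] else "critical"
                findings.append((res["name"], port, DB_PORTS[port], severity))
    return findings

if __name__ == "__main__":
    for name, port, service, severity in audit(INVENTORY):
        print(f"[{severity}] {name}: {service} port {port} open to the internet")
```

The check only reports rules with a prefix length of 0; narrower public ranges would need an allow-list of approved source networks to evaluate.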