Three ways enterprises can prevent cloud jacking
Late on a Friday afternoon, an urgent message hits the inbox of a mid-level
executive at a large data firm. The message seems to be authentic; not only is
the sender identified as the executive’s boss but it is attached to a recent
exchange of legitimate emails between the two.
The request, however, is unique. The executive is asked to send their password so
their boss can access a system accessible only through their account. It is a
highly irregular request, and the executive hesitates long enough to place a
call. This results in a shocking discovery: There has been a breach in the
company’s cloud infrastructure.
The email was part of a blast sent to dozens of mid-level executives, using
addresses and texts stored in the business’s cloud service. It only takes one
of these targeted executives reacting without due caution for the ploy to be
worthwhile.
For cybercriminals, cloud platforms can be a ready means for gaining trust and
conning people into making decisions damaging to their businesses and careers.
Those who master this dark skill are known as cloud jackers.
How cloud jacking works
Most data-focused enterprises unlock vast opportunities by accessing cloud
technology. Unfortunately, these opportunities can also attract sophisticated
criminals. Some merely want to steal data. Others want more.
Cloud jacking involves illicit entry into a cloud environment for a range of
activities. This includes blocking access to legitimate users, sending out
phishing emails or malware under the guise of business activity or even
inflicting wholesale financial and reputational damage on the host.
Some cloud jacking attacks involve an escalating series of damaging assaults on an
enterprise’s cloud profile using compromised credentials. A persistent cloud
jacker left with too much time can transform the initial breach into a
springboard for damaging cyberattacks across the enterprise and well beyond it.
In whatever form cloud jacking takes, its effects can be devastating to unprepared
enterprises and their employees.
What are the objectives?
Like other malevolent hackers, cloud jackers understand cloud architecture is where
the action is. Gartner estimates more than 95% of new digital workloads will be
deployed on cloud-native platforms by 2025 – up from 30% in 2021.
Being prepared for cloud jackers requires an understanding of what drives them.
Unlike other shady operators who infiltrate
the cloud to steal data, cloud jackers seek to leverage access
itself.
This disruption of enterprise activities can be for ransom, exploitation of
intellectual property, launching malware or bot attacks from a third-party
location or many other reasons. They can even use their stolen access to deny
the same access to legitimate users of the cloud service.
The challenge is further exacerbated by the growth of workload
identities (separate from direct human activity) that access
cloud infrastructure. With so many apps, virtual machines, AI and Internet of
Things-related activities to track and monitor, how does one guard their cloud
system against a would-be cloud jacker?
How can it be stopped?
A focused strategy to prevent cloud jacking can succeed by simultaneously
employing three complementary processes:
1. Authenticate, authenticate: A commitment to multi-factor authentication (MFA) can significantly reduce
exposure to cloud jacking at the ground level. Having to navigate multiple
access checkpoints will often send cloud jackers in search of easier
targets. Simply put, security built around a single password cannot
be counted on today. AWS reports:
“While passwords protect digital assets, they are simply not enough. Expert
cybercriminals try to actively find passwords.” Yes, a policy of
maintaining more stringent authentication protocols is less convenient.
However, the implementation of user-friendly MFA with an option to add single
sign-on (SSO) features can provide stronger protection complete with
frictionless, trusted access.
2. Control access: Too many cloud platforms are compromised when their owners allow free rein to
multiple users. At the heart of much cloud insecurity is the failure to deal
with permission risk. Failing to update configuration
settings or allowing access by large numbers of users invites
illicit entry. It is helpful here to consider the widely understood principle
of least privilege (PoLP) when implementing cloud security. In sum, a user
should only have access to the specific data, resources and applications they
need to complete a required task. Enterprises leveraging cloud platforms need
to be willing to set hard limits on who gets access to their infrastructure.
They also need to keep close watch on those who have credentials, creating
practical yet firm parameters on where they can and cannot go.
3. Get help: When dealing with the management of off-premises operations like cloud services,
going it alone is often a big mistake. One needs access to tools for better
managing security around an enterprise’s cloud assets. One also needs dedicated
expertise for help managing those tools effectively, including implementing
effective safeguards along the way. Having the support of a managed service
provider is essential to this end. Managed
Cloud Security can take many forms depending on the type and size of
enterprise being served, but it all boils down to 24/7/365 managed protection
custom-designed to fit the cloud activities of a specific user. Trusting an
internal IT team to manage cloud security protocols is not only limiting from a
cybersecurity perspective but can hamper their other mission-critical
activities.
Other helpful strategies
Regular software updates and site management reviews are also useful ways to counter
cloud jacking. Cloud jackers often count on a level of operational disconnect
between an enterprise and its cloud assets; this can be minimized by a regimen
of careful scrutiny and steady change.
Zero Trust Network Access (ZTNA) is a solution that provides comprehensive security
using a dynamic, identity-based approach to grant access to users, devices, and
applications. While virtual private networks (VPNs) can encrypt and protect
cloud connections, ZTNA is optimally designed for securing data both in transit
and at rest. In short, ZTNA offers a more robust and secure solution to protect
sensitive data.
While backing up data stored in the cloud won’t protect that data from theft, it can
reduce the damage done by those cloud jackers who seek to delete or deny access
to critical data.
Being aware of the assigned security responsibilities of a cloud service provider is also important. “Remember that security is a shared responsibility between you and your cloud service provider, so ensure that you understand your provider’s security policies.”
Learn how your enterprise can ensure deeper, safer vigilance of its cloud assets, and
other ways you can help your organization exceed its service goals today and
tomorrow with Spectrum Enterprise solutions.