Top 6 Cloud-Based Security Threats

Cloud adoption has been increasing for a long time now, and the recent pandemic has only accelerated it. Today a considerable number of businesses are moving to the cloud, primarily because of its flexibility, cost efficiency, scalability and much more. They value being able to add new capabilities and components to their work environment within a matter of minutes.

Despite all these perks, there’s no way to get around the many security issues that are inherent to the cloud. Even with its many security enhancements and advancements, many threats still linger, and businesses should be aware of them and prepare for them.


Which brings us to this article and its topic of discussion: 6 of the biggest cloud-based security threats that you should be aware of.

1. Cloud Snooper

Cloud Snooper is a very advanced form of malicious attack that uses various techniques to evade detection while allowing the malicious file to communicate without hindrance with its Command and Control (C2) server through a firewall. Both Linux hosts and Windows systems have fallen prey to this infection. The complexity of the attack lends credence to possible nation-state backing for the actors involved.

2. Limited Cloud Visibility

If you were to speak to any expert in cloud technology, one thing they would all agree on is that it’s not possible to secure something that cannot be seen. Limited cloud visibility, or usage visibility, is when you lack the systems needed to determine when end users are actually accessing cloud services. This lack of awareness can lead to other potential security concerns.

There are tools that can help, like CloudLens, developed by Ixia, which is designed to give the end user a complete environment for watching over all their cloud assets. With this software it’s possible to track public, hybrid and private clouds, which in turn should help secure any vulnerable areas of the cloud service.

3. Distributed Denial of Service Attacks

DDoS, or Distributed Denial of Service, attacks are designed to disrupt online services by flooding them with overwhelming amounts of traffic. This results in your services and websites becoming inaccessible to the members of your team.

However, when we take a deeper look at DDoS attacks, we find that temporary disruption may not be their sole objective. In reality, it’s possible for hackers to use these attacks as a diversion or smokescreen, to draw attention away from their true intentions.

To best protect yourself from these kinds of attacks, you’ll want to acquire software that is capable of detecting DDoS attacks before they happen. A piece of software called Cloudflare is designed specifically to counter these kinds of attacks.

4. Crypto Jacking Malware

The rising value of cryptocurrencies has attracted a significant amount of Linux crypto jacking malware designed to target specific cloud environments. This kind of attack hijacks the processing power used for cloud computing and diverts it to the mining of cryptocurrency.

Crypto jacking malware comes in a number of varieties. Some of it is open source, based on XMRig Miner, while other kinds may be developed from the ground up, like Kinsing. Kinsing is a currently ongoing campaign designed to compromise services that have exposed Docker API ports. Besides the typical cryptocurrency mining Kinsing is used for, it has other capabilities. It can collect SSH credentials in order to access the servers of other cloud services. Once it does that, it can then implement its own defence evasion techniques.

With the large number of recorded attacks specifically aimed at Linux systems, one thing is certain: crypto miners are relentless in their pursuit of new ways to infiltrate your production environment. You want to ensure you have the appropriate protection in place to repel their attacks as and when they are carried out.

5. Account Hijacking

An employee can weaken your company’s security simply by choosing a weak password. Unfortunately, hackers are getting better at locating and exploiting accounts with weaker passwords. This is particularly the case in work environments where employees are required to, or can, work remotely.

In a remote working environment, employees may be expected to share devices or to log into an unsecure public Wi-Fi network in order to connect to the company’s network. When an employee does this, it creates an avenue for hackers to exploit, with criminals waiting in the woodwork to get at company information. To counter this threat, it’s best that companies adopt two-factor authentication. You want a scenario where the user’s password is not relied upon exclusively. When it comes to password management, LastPass is one of the most popular choices for businesses, as it also offers multi-factor authentication and single sign-on.

6. IPStorm

IPStorm is a botnet which was originally designed to attack Windows-based systems. Today, however, it has been modified to attack both macOS and Linux operating systems. IPStorm is based on a peer-to-peer (P2P) network which is, ironically, legitimate. It abuses this network to carry its malicious traffic and to allow the hacker to execute code on an infected system. The new variants of IPStorm, which are now capable of infecting Linux systems, carry all the same features as the original Windows variant, only they come with additional features, such as SSH brute-force attacks, which are designed to enable it to spread effectively to other cloud networks. IPStorm is one of only a few cross-platform malware families that were developed using Golang and used specifically to target Linux servers. However, this number is continuing to grow, so don’t be surprised if it has doubled months from now.
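Because the Linux variants spread through SSH brute-force attacks, a burst of failed logins from one address is a useful detection signal. The following is an added example, not code from the article: the log lines are constructed (documentation IP ranges), and the threshold, window and year are assumptions to tune for your own environment.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sshd log lines using documentation IP ranges, not real traffic.
SAMPLE_LOG = """\
Mar  3 10:15:01 web1 sshd[2101]: Failed password for root from 203.0.113.7 port 40112 ssh2
Mar  3 10:15:03 web1 sshd[2103]: Failed password for invalid user admin from 203.0.113.7 port 40118 ssh2
Mar  3 10:15:05 web1 sshd[2105]: Failed password for root from 203.0.113.7 port 40125 ssh2
Mar  3 10:15:07 web1 sshd[2107]: Failed password for invalid user ubuntu from 203.0.113.7 port 40131 ssh2
Mar  3 10:15:09 web1 sshd[2109]: Failed password for root from 203.0.113.7 port 40140 ssh2
Mar  3 10:16:00 web1 sshd[2140]: Failed password for deploy from 198.51.100.20 port 51811 ssh2
Mar  3 10:16:30 web1 sshd[2150]: Accepted publickey for deploy from 198.51.100.20 port 51820 ssh2
Mar  3 10:21:30 web1 sshd[2190]: Failed password for deploy from 198.51.100.20 port 51902 ssh2
"""

FAILED = re.compile(
    r"^(\w{3}\s+\d+ [\d:]{8}) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?\S+ from (\S+) port \d+")


def brute_force_sources(log_text, threshold=5, window_s=60, year=2024):
    """Map each source IP to the time it first reached `threshold` failed
    logins inside a sliding window of `window_s` seconds."""
    window = timedelta(seconds=window_s)
    recent = defaultdict(deque)  # source IP -> timestamps still in the window
    flagged = {}
    for line in log_text.splitlines():
        match = FAILED.match(line)
        if not match:
            continue
        stamp, source = match.groups()
        # Syslog timestamps carry no year, so one is supplied (assumption).
        ts = datetime.strptime(f"{year} {stamp}", "%Y %b %d %H:%M:%S")
        attempts = recent[source]
        attempts.append(ts)
        while ts - attempts[0] > window:
            attempts.popleft()  # drop failures that fell out of the window
        if len(attempts) >= threshold and source not in flagged:
            flagged[source] = ts
    return flagged


if __name__ == "__main__":
    for source, when in brute_force_sources(SAMPLE_LOG).items():
        print(f"{source} reached the failure threshold at {when}")
```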


Uchenna Ani-Okoye is a former IT Manager who now runs his own computer support website
