When it comes to enterprise security, the cloud is the ignored dimension, a report from networking vendor Cisco has found.
According to the Cisco 2017 Midyear Cybersecurity Report, the cloud is a whole new frontier for hackers, and they are increasingly exploring its potential as an attack vector as often cloud systems are “mission-critical” for organisations.
Hackers, the report explains, also recognise that they can infiltrate connected systems faster by breaching cloud systems.
Since the end of 2016, Cisco said it observed an increase in activity targeting cloud systems, with attacks ranging in sophistication.
In January 2017, the company’s researchers caught attackers hunting for valid breached corporate identities using brute-force attacks. The hackers were creating a library of verified corporate user credentials, which saw them attempt to log into multiple corporate cloud deployments using servers on 20 suspicious IP addresses, Cisco said.
The report says that open authorisation (OAuth) — which allows an end user’s account information to be used by third-party services, such as Facebook, without exposing the user’s password — is in fact creating risk, in addition to its intended purpose of powering the cloud.
“OAuth risk and poor management of single privileged user accounts create security gaps that adversaries can easily exploit,” the report states. “Malicious hackers have already moved to the cloud and are working relentlessly to breach corporate cloud environments.”
According to Cisco, some of the largest breaches to date began with the compromise and misuse of a single privileged user account.
“Gaining access to a privileged account can provide hackers with the virtual ‘keys to the kingdom’ and the ability to carry out widespread theft and inflict significant damage,” the report explains. “However, most organisations aren’t paying enough attention to this risk.”
The average enterprise today has more than 1,000 unique apps in its environment and more than 20,000 different installations of those apps.
Cisco said its threat researchers examined 4,410 privileged user accounts at 495 organisations and found that six in every 100 end users per cloud platform have privileged user accounts, with many organisations having an average of two privileged users that carry out most of the administrative tasks.
As part of good practice, Cisco recommends administrators pay close attention to the IP addresses used to log in, with the average two users generally accessing the platform via the same handful of IP addresses.
“Activity outside those normal patterns should be investigated,” Cisco said.
Another action Cisco recommends is to have administrators log out once they have completed their required tasks, as open sessions make it easier for unauthorised users to gain access and to do so undetected.
The recent phishing campaign that targeted Gmail users and attempted to abuse the OAuth infrastructure underscored the OAuth security risk, Cisco said.
The bogus Docs app used Google’s OAuth implementation to request access to the Gmail accounts of targets. If users granted the app access, it sent the same phishing email to the user’s contacts.
Google reported that about 0.1 percent of its 1 billion users were affected by the campaign, with Cisco “conservatively” estimating that more than 300,000 corporations were infected by the worm.
As companies look to expand their use of the cloud, Cisco urges them to understand their role in ensuring cloud security, noting that cloud service providers are responsible for the physical, legal, operational, and infrastructure security of the technology they sell, but businesses are responsible for securing the use of underlying cloud services.
“Applying the same best practices that they use to ensure security in on-premises environments can go a long way toward preventing unauthorised access of cloud systems,” Cisco explained.
The company’s midyear report covers multiple threat types across many vectors, with Cisco noting its security experts are becoming increasingly concerned about the accelerating pace of change and sophistication in the overall global cyber threat landscape.
Revenue generation is still the top objective of most threat actors, Cisco said, noting however that increasing is the malicious inclination to lock systems and destroy data as part of their attack process — simply because they can.
“The breadth and depth of recent ransomware attacks alone demonstrate how adept adversaries are at exploiting security gaps and vulnerabilities across devices and networks for maximum impact,” the report says.
- Linux Cloud Servers- instantly flexible - May 18th, 2019
- Pricing - Cloud Services | Microsoft Azure - May 13th, 2019
- Hybrid Cloud Security: Simplify Complex ... - Trend Micro - April 28th, 2019
- Best cloud computing services of 2019 | TechRadar - April 8th, 2019
- Hackers Backdoor Cloud Servers to Attack Future Customers - March 29th, 2019
- Cloud vs. In-House Servers: What is the Best Choice ... - January 4th, 2019
- Cloud Services | Design In The Cloud | Autodesk - December 15th, 2018
- Brinkster Cloud Servers - VMware, SolidFire SSD-Based ... - June 2nd, 2018
- Virtual Network Virtual Private Cloud | Microsoft Azure - March 29th, 2018
- Keeping Your Files Safe in Google's Cloud - New York Times - September 7th, 2017
- 5 Reasons SD-WAN, 4G LTE Are Cloud Essentials - No Jitter - September 7th, 2017
- Canon USA Advances PRISMAsync Color Print Server in Version 5.2, Offering Cloud-Based PRISMAlytics Dashboard ... - PR Newswire (press release) - September 7th, 2017
- HPE Reports Q3 Gains Along With Cloud Deal - EnterpriseTech - September 6th, 2017
- Huawei Releases the New-Generation Intelligent Cloud Hardware Platform Atlas - Markets Insider - September 6th, 2017
- Unlocking the promise of a connected world through edge cloud ... - ITProPortal - September 5th, 2017
- Want to do IoT right? You'll need more storage, networking, servers, and cloud - TechRepublic - September 5th, 2017
- So you're already in the cloud but need to come back down to Earth - The Register - September 5th, 2017
- Nasa: Our demands for repeat presidential election - Daily Nation - September 5th, 2017
- Chinese smartphone maker Xiaomi open to moving servers to India - Economic Times - September 5th, 2017
- VMware officially lands on AWS cloud with new management and security features - SiliconANGLE News (blog) - September 2nd, 2017
- VMware-on-AWS is live, and Virtzilla is now a proper SaaS player - The Register - September 2nd, 2017
- Socionext Partners with Advantech to Offer High-Density, Low-Cost ... - Design and Reuse (press release) - September 2nd, 2017
- Municipal adoption of the cloud - American City & County (blog) - August 31st, 2017
- Veeam follows Virtzilla's cloud up the Amazon - The Register - August 31st, 2017
- Where does a business's data live? - Information Age - August 31st, 2017
- IBM cooks up a hardware architecture for tastier cloud-based services - TechTarget - August 31st, 2017
- Tachyum bets on flash storage to re-architect the cloud data center - ZDNet - August 29th, 2017
- Juniper adding microsegmentation to Contrail cloud - TechTarget - August 29th, 2017
- The future of serverless cloud looks a lot like physical servers - TechRepublic - August 29th, 2017
- Demand for server specialists increases, but talent pool is small - Network World - August 29th, 2017
- The pros and cons of cloud vs in house servers - Edmonton - August 28th, 2017
- You Can Now Spin Up VMware Servers in Amazon Data Centers - Data Center Knowledge - August 28th, 2017
- Windows Server 2016 changes prompt a new look at management - TechTarget - August 28th, 2017
- Cloud security market to reach $12B by 2024, driven by rise of cyber attacks - TechRepublic - August 28th, 2017
- Jeff Pulver, Internet Pioneer of VoIP and Entrepreneur Joins ... - Markets Insider - August 28th, 2017
- Google Aims to Boost Cloud Security with Titan Chipset - BizTech Magazine - August 28th, 2017
- Oppo and Vivo plan to move cloud storage to India, following India's new directives on data security - Firstpost - August 28th, 2017
- Digital Deluge on the Cloud - Valley News - August 27th, 2017
- How Can You Improve Document Management By Integrating Cloud-Based File Sharing And What You Need To Know ... - Business 2 Community - August 27th, 2017
- Hitachi rack servers get VMware Cloud treatment The Register - The Register - August 26th, 2017
- CenturyLink enhances VMware-based DCC platform, touts software-defined data center approach - FierceTelecom - August 26th, 2017
- Biz sends apps to public cloud, waves 'bye to on-premises server ... - The Register - August 23rd, 2017
- Druva Raises Another $80 Million - Channel Partners - August 23rd, 2017
- CrashPlan alternatives: How to move to another home backup solution - Macworld - August 23rd, 2017
- VMware shares to surge more than 20% because the Amazon cloud threat is overblown: Analyst - Yahoo Finance - August 23rd, 2017
- AMD Lines Up New China Datacenter Partners - EnterpriseTech - August 23rd, 2017
- How do you bring artificial intelligence from the cloud to the edge? - TNW - August 21st, 2017
- The rice of cloud, avocado of virtualization and salmon of doubt: Let's eat storage sushi - The Register - August 21st, 2017
- 70% of firms face skill shortages for server-based roles - Cloud Pro - August 21st, 2017
- Qualcomm moved its Snapdragon designers to its ARM server chip. We peek at the results - The Register - August 21st, 2017
- Info on 1.8 million Chicago voters exposed on Amazon server - USA TODAY - August 21st, 2017
- Microsoft and Google Give Startups Options to Amazon's Cloud - Fortune - August 18th, 2017
- How AIG moved commercial claims to the cloud - Information Management - August 18th, 2017
- Oracle expands database offering to its cloud services - Network World - August 16th, 2017
- Voices Cloud security from all angles - Accounting Today - August 16th, 2017
- HostHatch launches new Cloud Servers - 5x faster than the giants, including AWS & DigitalOcean - PR Web (press release) - August 15th, 2017
- Oracle Exadata Cloud lands on bare-metal servers - Computer Business Review - August 15th, 2017
- School phones go on 'the cloud' - The Ridgefield Press - August 15th, 2017
- Datrium Announces Split Provisioning For Simple Private Cloud Consolidation At Rackscale - Markets Insider - August 15th, 2017
- New McAfee virtual network security platform offered as part of free test drive on Amazon Web Services - CTR - August 14th, 2017
- How to move into a cloud career from traditional IT - InfoWorld - August 14th, 2017
- Oracle Makes the Most Powerful Database Platform Available on the Industry's Most Advanced Cloud Infrastructure - PR Newswire (press release) - August 14th, 2017
- Frank Dinucci's Cloud Accounting Workshop Draws Many ... - Markets Insider - August 13th, 2017
- Frank Dinucci's Cloud Accounting Workshop Draws Many Entrepreneurs - PR Newswire (press release) - August 12th, 2017
- Cryptocurrencies have pulled one of Nvidia's most sluggish businesses out of the gutter - Quartz - August 11th, 2017
- GoDaddy tops Q2 targets, revenue up 22 percent - ZDNet - August 9th, 2017
- Hardware Can Still Make or Break the Cloud - IT Business Edge (blog) - August 9th, 2017
- Serverless Architectures from an MSP's Point of View - MSPmentor - August 4th, 2017
- Unisecure Data Centers Offers 15% Discount On Cloud Server Hosting Services - HostReview.com (press release) - August 2nd, 2017
- How The Cloud Will Disrupt The Ad Tech Stack - AdExchanger - August 2nd, 2017
- Packet launches edge compute service in 15 global locations - RCR Wireless News - August 2nd, 2017
- IBM adds Optane to its cloud, only as storage and without GPUs - The Register - August 2nd, 2017
- Joining Apple, Amazon's China Cloud Service Bows to Censors - New York Times - August 1st, 2017
- Cisco Launches New UCS Servers, Hybrid Cloud Management ... - SDxCentral - July 12th, 2017
- Verizon data of 6 million users leaked online - CNNMoney - July 12th, 2017
- Server vendors board the Xeon SP party bus - The Register - July 12th, 2017
- New Azure servers to pack Intel FPGAs as Microsoft ARM-lessly embraces Xeon - The Register - July 12th, 2017
- Hybrid cloud and blockchain solutions will be the future for data backup - Information Age - July 10th, 2017
- New 'Microsoft 365' package bundles Windows and Office for businesses - GeekWire - July 10th, 2017
- Tech Data Tightens Cloud Integration With Microsoft To Unlock Simpler Experience For SMBs - CRN - July 10th, 2017