The NSA identifies 4 'critical' security vulnerabilities of cloud systems
According to CSO, more than 80% of organizations and businesses use services from 2 or more public cloud infrastructure providers, and nearly 2/3 of them use the services of 3 or more providers.
With cloud computing becoming an integral part of every field, the US National Security Agency (NSA) has issued a new guide to help organizations and businesses improve the security of data stored in the cloud. Let's take a look at the four most notable security holes in the NSA recommendation below.
According to NSA experts, vulnerabilities in cloud systems can be divided into four categories: misconfiguration, poor access control, shared vulnerabilities, and supply chain vulnerabilities.
Misconfiguration
This is the most common cloud vulnerability. Cloud-based resources are complex and constantly changing, making it difficult for system administrators to configure them correctly.
Misconfiguration may allow an attacker to access data and cloud services. In May 2017, this type of security flaw caused a huge amount of confidential data of one of the largest defense corporations in the United States to fall into the hands of hackers, causing millions of dollars in damage. Similarly, in September 2017, a security researcher discovered CENTCOM data that was accessible to all public cloud users. There are countless examples of cloud security disasters associated with misconfiguration.
Poor access control
This happens when cloud services use weak authentication methods or contain vulnerabilities that make it easier for hackers to bypass authentication layers. Weaknesses in access control mechanisms can allow an attacker to gain system privileges, thereby compromising cloud resources.
The continuous cyber attacks by the Phosphorus hacker group in October 2019, which targeted Microsoft customers, and the March 2018 attack by the Iranian Mabna group, which compromised email accounts where multi-factor authentication had been omitted, are examples of how this vulnerability can be exploited by threat actors.
Shared vulnerability
Cloud platforms often consist of many software and hardware components combined. Highly skilled hackers are able to identify the hardware and software components used in the cloud architecture and take advantage of vulnerabilities inside these components to gradually penetrate the system.
This type of attack is very rare, but once it takes place, it is difficult for businesses to detect, and damage is almost inevitable.
Supply chain vulnerabilities
Supply chain vulnerabilities in the cloud include the presence of insider threats and intentional backdoors in hardware as well as software. In addition, third-party cloud software may also contain intentionally or unintentionally created vulnerabilities, thus becoming a threat to the entire system. Cloud service providers must be able to control and remedy all holes in the supply chain.
Managing risks in the cloud is the responsibility of cloud service providers (CSPs). Therefore, CSPs should implement appropriate countermeasures to help customers secure cloud resources. Cloud security is an ongoing process, and customers should also actively monitor their cloud resources. Report any abnormalities to the CSP immediately.