CSA Report: Top Nine Cloud Security Threats in 2013

Cloud Security Alliance (CSA), a non-profit industry organization that promotes the protection techniques in the cloud, has recently updated its list of the top threats of cloud in the report entitled “The Notorious Nine Cloud Computing Top Threats in 2013”.

CSA indicates that the report reflects the consensus of the experts on the most significant threats to security in the cloud and focuses on the threats arising from the sharing of common resources. The report is intended to help users of the cloud and cloud services providers to implement the best strategies to reduce risk.

Data Theft

Theft of confidential corporate information is always a risk to any IT infrastructure, but CSA indicates the cloud model offers new, major highways attacks. If the base of the cloud data from multiple leases is not thought out properly, a flaw in the application of one client can open attackers’ access to data not only of the client, but all other cloud users.

Loss of Data

The data stored in the cloud, can be stolen by hackers or lost for other reasons, says CSA. Data can suffer a fire or natural disaster or data can be accidentally deleted if a provider of cloud services does not introduce proper backup measures. On the other hand, the customer, which encrypts the data before upload them to the cloud, suddenly lost the encryption key, adds CSA.

Service Traffic Hijacking

In a cloud environment attacker could use the stolen login information to intercept, forge or give distorted information to redirect users to malicious sites, says CSA. Organizations should prohibit distribution of their login information for all services. CSA recommends a robust, two-factor authentication to reduce the risk.

Insecure Interfaces and API

Organization is subjected to a variety of threats if they use weak interface software or API to manage and interact with cloud services. These interfaces must be well designed and secured to include authentication, access control and encryption.

CSA adds that organization and third-party contractors often use cloud interfaces to provide additional services, making them more complex and increases the risk, as it may require that the customer told their registration data to such contractor to facilitate the provision of services.

Denial of Service

The cloud can be made attacks such as denial of service that cause an overload of infrastructure, making use a huge amount of system resources and not allowing customers to use the service. Media attention often involve distributed, or DDoS-attacks, but there are other types of DoS-attacks, which can block the cloud usage.

For example, attackers can launch DoS-attacks on asymmetric application layer by exploiting vulnerabilities in the Web-servers, databases, or other cloud resources to fill up the application with a very small payload.

Malicious Insiders

CSA warns without proper level of security on IaaS, PaaS or SaaS, an insider who has improper intentions (e.g., system administrator) may gain access to confidential information that it is not intended for him.

Malicious insiders are certified to do greater and bigger damage than any other attacks. According to CSA, even if encryption is implemented, if the keys are not kept with the customer and are only available at data-usage time, the system is still vulnerable to malicious insider attack.

Use of Cloud Resources by Hackers

Cloud computing enable organizations of all sizes to use massive computing power, but one might want to do it with the wrong intentions, warns CSA. For example, a hacker can use a set of cloud servers power to crack the encryption key in a matter of minutes.

Cloud service providers need to consider how they will keep track of the people who use the power of the cloud infrastructure and prevent such abuses.

Lack of Foresight

In pursuit of cost savings and other benefits of the cloud, some organizations rush to use cloud services, not realizing the consequences of this step. Organizations should conduct a comprehensive, thorough review of its internal systems and potential cloud providers to fully understand all the risks to which they may expose in future before moving to a new model.

They must ensure that the development team is familiar with the cloud and its associated technology. They also need to train the group in an appropriate manner.

Adjacent Vulnerability

Whether it’s the underlying components that make up this infrastructure (e.g. CPU caches, GPUs, etc.) that were not designed to offer strong isolation properties for a multi-tenant architecture (IaaS), re-deployable platforms (PaaS), or multi-customer applications (SaaS), the threat of shared vulnerabilities exists in all delivery models, according to the report.

For example, the hypervisor or element of a common platform simply will expose the whole cloud platform if that holds the whole infrastructure stiff and firm goes compromised. CSA recommends measure that includes in-depth security measures for application, network, compute, storage, and monitoring and user security enforcement.

One comment

  1. Good key management will need to be present in any type of cloud encryption utility. Users lose their keys and passwords – it’s just a fact of life. Will need a good key management policy and software tools to prevent perma-crypt.

    On the other hand, perma-crypt may not be such a bad thing. Revoke the keys and you no longer have to trust your cloud provider to delete data.

Leave a Reply to Fred Thiele Cancel reply

Your email address will not be published. Required fields are marked *