As part of our Certified Cloud Security Professional (CCSP), we go into some detail around what is known in the security industry as the 'Treacherous Twelve.' These are the Cloud Computing Top Threats that were prevalent in 2016, based on data and input from various sources and contributors and co-ordinated by the Cloud Security Alliance, culminating in a report that is easy to read and consume. This can be downloaded here.
The diagram below shows the first 8 threats:
The report focuses on 12 threats that are specific and real in cloud computing solutions and, as of the 20th October, was updated to include real-life examples of each threat. The report is particularly useful in outlining clear business scenarios where these types of threats are going to keep the board of directors awake at night.
Business scenarios could include the hacking of a public-facing website, leading to reputational loss or severe damage to a brand with years of investment, or the realisation that an ex-employee who has now signed up with a competitor is leaking your intellectual property, which took several months to build up.
Here is an executive summary of the first 5 threats out of the twelve:
Data Breach - an incident where sensitive, protected or confidential information is released, viewed or stolen by an unauthorised actor. In 2015, BitDefender users' names and passwords were stolen from an AWS-hosted system and a ransom of $15,000 demanded.
Weak Identity, Credential & Access Management - often leading to data breaches as a result of inefficient or ineffective identity access management systems or processes, such as the use of weak passwords, bypassing multi-factor authentication or improper rotation of cryptographic entities, such as keys, passwords or certificates. Praetorian, a US-based provider of security solutions, launched a solution that cracks password hashes in a simple fashion, using AWS services.
Insecure APIs - failure to provide appropriate security controls around application programming interfaces. In 2015, the US Internal Revenue Service (IRS) exposed over 300,000 records via an insecure Get Transcript API call.
System and Application Vulnerabilities - defects in software that allow hackers to steal data, take control of a system or disrupt services. WannaCry made use of an unpatched defect in Microsoft Windows operating systems, particularly Windows XP, and allowed the malicious actors to encrypt data in an attempt to extort a ransom.
Account Hijacking - the ability for hackers to seize usernames and passwords to hijack an account, usually gained through phishing, fraud or exploitation of software vulnerabilities.
Here are 7 other reasons to read the report:
· Malicious Insiders
· Advanced Persistent Threats (APTs)
· Data Loss
· Insufficient Due Diligence
· Abuse and Nefarious Use of Cloud Services
· Denial of Service
· Shared Technology Issues
If you found this article useful please follow me on LinkedIn or on twitter @MusicComposer1 and post a message up using the hashtag #CCSP, where you'll find more posts, blogs and tweets covering the latest disruptive technologies.