Misconfigurations are the Biggest Threat to Cloud Security: Here’s What to Do – Infosecurity Magazine

Recently, a major tipping point was reached in the IT world: more than half of new spending is now on cloud services over non-cloud IT. Rather than being the exception, cloud-based operations have become the rule.

There are many reasons why companies transition to the cloud. Lower costs, improved efficiencies and faster time to market are some of the primary benefits.

However, too many security teams still treat the cloud like an exception, or at least not as a primary use case. The approach remains "and cloud," rather than "cloud and."

Attackers know that business information security is generally behind the curve with its approach to the cloud, and they take advantage of the lack of security experience surrounding new cloud environments. This leads to ransomware, cryptocurrency mining and data exfiltration attacks targeting cloud environments, to name a few.

But what are they attacking specifically, and what can you do about it?

Misconfiguration at the User Level is the Biggest Security Risk in the Cloud

Cloud providers have built-in security measures that leave many systems administrators, IT directors and CISOs feeling content with the security of their data. Customers often think that the cloud provider is taking care of security with no additional actions needed on their part.

This way of thinking ignores the shared responsibility model for security in the cloud. While cloud providers secure the platform as a whole, companies are responsible for the security of the data hosted in those platforms. Misunderstanding the shared responsibility model leads to the primary security risk associated with the cloud: misconfiguration.

You may be thinking, "But what about ransomware and cryptomining and exploits?" These and many other attack types are primarily possible when one of the three misconfigurations below is present.

You can forget about all the worst-case, overly complex attacks: Misconfigurations are the greatest risk and should be your number one concern.

Why do Misconfigurations Happen?

Generally speaking, there are three primary categories of common misconfigurations that attackers are likely to target:

To further understand the state of cloud misconfigurations, Trend Micro Research recently investigated cloud-specific cyber-attacks. The report found a large number of websites partially hosted in world-writable cloud-based storage systems.

Despite these environments being secure by default, settings can be manually changed to allow more access than actually needed. These misconfigurations are typically put in place without knowing the potential consequences, but once in place, it is simple to scan the internet to find them, and cyber-criminals are exploiting them for profit.

The risk of misconfigurations may seem obvious in theory, but in practice, overloaded IT teams are often simply trying to streamline workflows to make internal processes easier. So settings are changed to give read and/or write access to anyone in the organization with the necessary credentials. What they don't realize is that this level of exposure can be found and exploited by cyber-criminals.
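One way to catch the loosened storage settings described above before they ship is to audit policy documents offline. The following is an added example, not code from the article or from Trend Micro. It assumes AWS S3-style bucket policy JSON (the article names no provider), and the bucket name, account id and role name are constructed placeholders.

```python
import json
from fnmatch import fnmatchcase

# Representative S3 actions (lower-cased) used to classify what a statement grants.
WRITE_ACTIONS = ("s3:putobject", "s3:deleteobject", "s3:putobjectacl", "s3:putbucketpolicy")
READ_ACTIONS = ("s3:getobject", "s3:listbucket")

def _as_list(value):
    """Policy fields may hold one value or a list; normalise to a list."""
    return [] if value is None else value if isinstance(value, list) else [value]

def _is_anonymous(principal):
    """True when Principal matches any caller: "*" or e.g. {"AWS": "*"}."""
    if isinstance(principal, dict):
        return any("*" in _as_list(v) for v in principal.values())
    return principal == "*"

def _grants(patterns, actions):
    """True when any action pattern (wildcards * and ?) matches a listed action."""
    return any(fnmatchcase(a, p.lower()) for p in patterns for a in actions)

def audit_policy(policy):
    """Return (sid, exposure, conditional) for each Allow statement open to anyone."""
    findings = []
    for i, stmt in enumerate(_as_list(policy.get("Statement"))):
        if stmt.get("Effect") != "Allow" or not _is_anonymous(stmt.get("Principal")):
            continue
        patterns = _as_list(stmt.get("Action"))
        exposure = ("world-writable" if _grants(patterns, WRITE_ACTIONS) else
                    "world-readable" if _grants(patterns, READ_ACTIONS) else None)
        # A Condition (e.g. source IP) may narrow the grant, so report it for review.
        if exposure:
            findings.append((stmt.get("Sid", f"statement[{i}]"), exposure, "Condition" in stmt))
    return findings

# Constructed sample: access loosened for convenience, as the article describes.
LOOSE_POLICY = json.loads("""{"Statement": [
  {"Sid": "SiteAssets", "Effect": "Allow", "Principal": "*",
   "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*"},
  {"Sid": "TeamUploads", "Effect": "Allow", "Principal": {"AWS": "*"},
   "Action": ["s3:Put*", "s3:GetObject"], "Resource": "arn:aws:s3:::example-bucket/*"}]}""")

# Constructed sample: same upload workflow scoped to one role (placeholder account id).
SCOPED_POLICY = json.loads("""{"Statement": {"Sid": "TeamUploads", "Effect": "Allow",
  "Principal": {"AWS": "arn:aws:iam::111122223333:role/web-deploy"},
  "Action": ["s3:PutObject", "s3:GetObject"], "Resource": "arn:aws:s3:::example-bucket/*"}}""")

if __name__ == "__main__":
    print(audit_policy(LOOSE_POLICY), audit_policy(SCOPED_POLICY))
```

This checks the policy document only; effective exposure also depends on ACLs and any account-level public access restrictions, which are outside this sketch.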

How Big is the Misconfiguration Problem?

Nearly all data breaches involving cloud services have been caused by misconfigurations. Trend Micro identifies an average of 230 million misconfigurations per day.

We expect this trend will increase in 2020, as more cloud-based services and applications gain popularity with companies using a DevOps workflow. Teams are likely to misconfigure more cloud-based applications, unintentionally exposing corporate data to the internet, and to cyber-criminals.

Our prediction is that through 2025, more than 75% of successful attacks on cloud environments will be caused by missing or misconfigured security by cloud customers rather than cloud providers.

How to Protect Against Misconfiguration

The good news is that misconfigurations are easily preventable with some basic cyber hygiene and regular monitoring. You can secure your cloud data and applications today, especially knowing that attackers are already cloud-aware and delivering vulnerabilities as a service.

Here are a few best practices for securing your cloud environment:

This overview builds on the recent report from Trend Micro Research on cloud-specific security gaps, which can be found here.
