The Cloud Security Alliance (CSA) is the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. In 2016, CSA released the ‘Treacherous 12: Top Threats to Cloud Computing + Industry Insights’ article to provide readers with a real-world glimpse into what is currently occurring in the security industry. InstaSafe has released a refreshed version of the 2016 article that includes new real-world anecdotes and examples of recent incidents that relate to each of the 12 cloud computing threat categories identified in the original paper.
“It’s our hope that these updates will not only provide readers with a more relevant context in which to evaluate the top threats but that the enhanced article will provide them with a real-world glimpse into what is currently occurring in the security industry.”
Account or service hijacking is not new. Attack methods such as phishing, fraud and exploitation of software vulnerabilities still achieve results. Credentials and passwords are often reused, which amplifies the impact of such attacks. Cloud solutions add a new threat to the landscape. Cloud account hijacking is a process in which an individual’s or organization’s cloud account is stolen or hijacked by an attacker. It is a common tactic in identity theft schemes, in which the attacker uses the stolen account information to conduct malicious or unauthorized activity. When cloud account hijacking occurs, an attacker typically uses a compromised email account or other credentials to impersonate the account owner.
While cloud computing carries with it a wealth of benefits to organizations, including reduced capital costs and on-demand resources, it also provides cybercriminals with an environment ripe for attack, since huge amounts of data are housed in one place. Because the data is stored and accessed on devices and resources often shared across many different users, the risks presented by cloud account hijacking are plentiful.
A few steps that can be taken to protect against account hijacking are:
- Password Protection.
- Be educated and aware.
- Use Multi-Factor Authentication (MFA).
- Keep all devices and software applications up-to-date.
5.2 Business Impacts
Account and service hijacking, usually with stolen credentials, remains a top threat. With stolen credentials, attackers can often access critical areas of cloud computing services, allowing them to compromise the confidentiality, integrity and availability of those services. Attackers can leverage account access to steal data, impact cloud services and systems, damage the reputation of tenants and more.
5.3 Anecdotes and Examples:
Cybersecurity expert John McAfee has warned of advances in hacking methods after his personal Twitter account was hijacked last week to promote a number of alternate cryptocurrencies.
In another such event in 2017, a group of hackers rerouted all of a bank’s online customers to perfectly reconstructed fakes of the bank’s properties, where the marks obediently handed over their account information. It took 5 hours before the bank regained control of its domains. The extent of the impact is not known, as the bank hasn’t shared that information with the security firm, nor has it publicly disclosed the attack.
1. The Treacherous 12 – Cloud Computing Top Threats in 2016
2. What Is Cloud Account Hijacking?
3. What is Account Hijacking?
4. How Hackers Hijacked A Bank’s Entire Online Operation
5. McAfee Warns of Advanced Hacking After Twitter Account Hijacking