Whoa.com

Companies face many threats to their cyber security on the cloud. Fighting these threats requires knowledge and planning.

Here is information about threats 4-6 of the top 12 to cyber security on the cloud, and how you can fight them:

Threat #4: System Vulnerabilities

System vulnerabilities are closely related to the insecure APIs threat mentioned in the previous blog in this series. Basically, “system vulnerabilities” is the term used for any exploitable bugs or features in a program that hackers can use to compromise a computer system or program.

There are many different common vulnerabilities and exposures (CVEs) listed in reports such as Verizon’s Data Breach Investigations Report. However, the most commonly-exploited vulnerabilities tend to be very old ones rather than new ones.

The damage caused by system vulnerability exploits can vary depending on the nature of the exploit, but common consequences include loss of data/service, data breaches, and heavy recovery/repair expenses.

Guarding Against System Vulnerability Exploits

Because most of the exploits used by attackers are older ones, one of the best ways to protect against this threat is to keep your cloud-based systems and software up-to-date with the latest security patches. This can help plug the most commonly-exploited system bugs and keep your system safe.

Threat #5: Account Hijacking

Account hijacking attempts are an all-too-common way for hackers to circumvent your system security whether you’re using an on-premises or a cloud infrastructure. Hackers use a variety of attack strategies such as phishing and fraud to steal a legitimate user’s access credentials.

When hackers successfully steal the account information of an authorized user, they gain instant access to every system and piece of data which that account could access, plus a new access point from which to launch further attacks.

The impact of a successful account hijack is potentially enormous, depending on the level of access that the hijacked account had.

Fighting Account Hijacking

The best way to prevent account hijacking is to implement and enforce strong account security protocols across all levels of your organization. Everyone who has access to your cloud should observe basic cyber security protocols, including:

  • Using strong passwords
  • Never sharing account credentials with ANYONE
  • Learning how to recognize and avoid phishing attempts
  • Using multi-factor authentication, such as mobile authenticators

Each of the above techniques makes it harder for hackers to steal and use account credentials.

Threat #6: Malicious Insiders

Sometimes, the most dangerous attacks don’t come from the outside, but from an authorized user who decides to abuse the access they’ve been granted. Malicious insiders can be one of the greatest threats to cyber security that any organization faces—mainly because they already have access to your systems.

This threat includes current and former employees, contractors, or even business partners/vendors with access to your system.

The impact of a malicious insider is typically as great as or greater than the impact caused by a hijacked account.

Preventing Harm from Malicious Insiders

Unfortunately, preventing a current employee from causing harm can be incredibly difficult. Some basic steps that you can take to limit your exposure include:

  • Revoking Access Credentials on Termination. Even when parting on good terms, when you end a business relationship, you should immediately revoke any access privileges that the employee, contractor, or partner had.
  • Restricting Level of Access Where Possible. For any user account, try to limit access to data and apps to only what is necessary for their work. This helps to restrict the amount of damage caused when the insider strikes.
  • Using Internal Firewalls for Individual Users and Apps. If an insider strikes, having a series of firewalls partitioning the different apps and virtual machines on your infrastructure can help to prevent that malicious insider from being able to compromise other systems on the network. This helps to limit the impact of such an attack to only what the account had direct access to.

Using these basic protections helps prevent or at least limit the damage of an inside attack.
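The first two steps in the list above (revoking access on termination and restricting access to what the work requires) can be checked mechanically with a periodic access review. The Python script below is an added example, not part of the original post; the roster, role baseline, and account records are constructed sample data, and every name in it is hypothetical.

```python
from datetime import date

# Constructed sample data (not from the original page).
ROSTER = {  # person -> (role, termination date or None)
    "alice": ("engineer", None),
    "bob": ("contractor", date(2024, 3, 1)),
    "carol": ("finance", None),
}
ROLE_BASELINE = {  # hypothetical least-privilege baseline per role
    "engineer": {"vm:read", "vm:write"},
    "contractor": {"vm:read"},
    "finance": {"billing:read"},
}
ACCOUNTS = [  # cloud accounts: owner, enabled flag, granted permissions
    {"id": "alice-dev", "owner": "alice", "enabled": True, "perms": {"vm:read", "vm:write"}},
    {"id": "bob-ext", "owner": "bob", "enabled": True, "perms": {"vm:read"}},
    {"id": "carol-fin", "owner": "carol", "enabled": True, "perms": {"billing:read", "vm:write"}},
    {"id": "old-svc", "owner": "dave", "enabled": True, "perms": {"vm:read"}},
]

def review_access(accounts, roster, baseline, today):
    """Return a sorted list of (account id, finding) tuples for enabled accounts."""
    findings = []
    for acct in accounts:
        if not acct["enabled"]:
            continue  # access already revoked, nothing to report
        entry = roster.get(acct["owner"])
        if entry is None:
            # Nobody on the roster owns this account, so nobody will notice misuse.
            findings.append((acct["id"], "orphaned: owner not on roster"))
            continue
        role, terminated = entry
        if terminated is not None and terminated <= today:
            # Relationship ended but the credentials still work.
            findings.append((acct["id"], "revoke: owner terminated"))
            continue
        # Permissions granted beyond what the role baseline allows.
        excess = acct["perms"] - baseline.get(role, set())
        if excess:
            findings.append((acct["id"], "excess: " + ",".join(sorted(excess))))
    return sorted(findings)

if __name__ == "__main__":
    for acct_id, finding in review_access(ACCOUNTS, ROSTER, ROLE_BASELINE, date(2024, 6, 1)):
        print(f"{acct_id}: {finding}")
```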


…This series will continue with threats 7-9, which include Advanced Persistent Threats, Data Loss, and Insufficient Due Diligence.

To read about threats 1-3, Click Here.
