Successful attacks against cloud platforms and infrastructure can be prohibitively expensive. The Dyn cyber attack that took place in October, for example, in which multiple denial-of-service (DoS) attacks targeting systems operated by DNS provider Dyn, rendered major Internet platforms and services unavailable to masses of users across Europe and the US.“The attack took down Amazon, Reddit, Tumblr, Twitter and others, and was carried out via compromised Internet of Things (IoT) devices, such as digital video recorders,” says Lutz Blaeser, MD of Intact Security, a provider of Bitdefender security solutions.
He says research indicates that around 70% of the world’s organisations now operate, at least on some level, in the cloud. “The benefits of cloud are numerous. Lowered and fixed expenses, greater flexibility, automatic software updates, improved collaboration, as well as the flexibility to work from anywhere at any time. It’s no surprise then that the adoption of cloud services is only set to increase in the future. However, alongside these benefits come a slew of security issues.”
At the same time, the increase in use of cloud services goes hand in hand with an increased risk to business disruptions due to widespread outages from some dependency in the cloud that is affected. “For example, a disruption in Google maps would have a roll-on affect on many other services. Similarly, an attack on Facebook’s authentication services could affect numerous other applications and Web sites that rely on Facebook authentication for users’ access. This is exactly what happened to the sites and services that were dependent on Dyn’s DNS services.”
However, it isn’t only DDoS attacks that could compromise cloud services, he says. “Take a look at the data breach at Target, which resulted in the loss of personal and credit card information of many millions of people. This breach was only one of many that affected businesses during the daily processing and storage of information. Whichever way you look at it, cloud computing has brought with it significant new vectors for attacks.”
As with all platforms and technologies, there is no silver bullet for cloud security. “While many of the past attacks on cloud systems haven’t been ‘new’ attacks per se, rather old ones that are aimed at cloud systems, Web application attacks constituted the majority of breaches this year. These attacks have included cross-site scripting, SQL injection, broken authentication and suchlike,” Blaeser says.
According to him, there are many other types of attacks that are worrying to organisations: Application weaknesses, targeted attacks and advanced persistent threats (APTs), new and sophisticated malware, access management and many others.
“Take APTs for example. Once they have gained a foothold into a company’s systems, irrespective of whether that system is a cloud system, an on-premise or Web application, they will exploit any vulnerabilities that exist to entrench themselves on the network, or use the compromised system as a stepping stone to attack other systems.”
And these attacks are costly. “The full financial impact of an attack is hard to determine. There are quantifiable costs such as loss of money, data and intellectual property, there are other costs such as damage to reputation, loss of customer confidence and similar, that are near impossible to measure.”
At the end of the day, the more businesses rely on cloud services, and the more the interdependence between these services escalates, the more the security posture of all these services matters, Blaeser concludes.
Behind the scenes – Intact Software Distribution is a dedicated software distributor focusing on providing a full range of security software solutions, coupled with the service performance and know-how of an experienced and specialised solution provider. Intact Security provides a focused approach to support and technical knowledge transfer in association with the channel. Where required, the company assists with implementation of the products. Intact Security is specifically focused on customer satisfaction, providing an all-round peace of mind scenario which results in collaborative engagements facilitating clients’ needs and requirements.
- Follow your consumers and do it BIG! | #LTM | #Marketing | Kevin Britz | Craig Page-Lee | #Podcast | #ebizradio - January 27, 2022
- How to use emotional intelligence to improve your sales? | The Shift Show | #Sales | #GrowGetters | Shelley Walters | Clive Vanderwagen | The Sales Counsel | Ready People | #ebizradio | #Podcast - January 26, 2022
- Just Talk to People | #Entrepreneur | Word of Mouth | Lindi Tshabangu | Laura Ruthven| Female Entrepreneur SA Magazine | #Podcast | #ebizradio - January 24, 2022
- Can technology take the pain out of recruitment? | #OneEyedMan | Mike Stopforth | Francois de Wet | #ebizradio | #Podcast - January 24, 2022
- Why understanding UBOs is critical |#Insight | #ebizradio | Jason Shedden | Contactable - January 24, 2022
- Making news headlines this week | #News | Kuhle Tshabalala | #Podcast | #ebizradio - January 21, 2022
- Motoring News – Chery Tiggo 8 – Suzuki V-Storm DL-650 | #Motoring | Diesel and Dust | Tumelo Maketekete | #Podcast | #ebizradio - January 21, 2022
- The State We’re In 2022 – Six Trend Pillars for this year | #Trends | #Insight | Dion Chang | Flux Trends | #Podcast | #ebizradio - January 20, 2022
- Female Leadership – Success Factors and Barriers to Overcome | #Insight | #ChangeConversations | Mpume Ncube-Daka | Moloko Komane | #Podcast | #ebizradio - January 20, 2022
- Taming the ‘black swan’ gives rise to the Gig economy | #Opinion | #Mamiki Matlawa | Qunu Staffing | #ebizradio - January 17, 2022