Successful attacks against cloud platforms and infrastructure can be prohibitively expensive. The Dyn cyber attack that took place in October, for example, in which multiple denial-of-service (DoS) attacks targeting systems operated by DNS provider Dyn, rendered major Internet platforms and services unavailable to masses of users across Europe and the US.“The attack took down Amazon, Reddit, Tumblr, Twitter and others, and was carried out via compromised Internet of Things (IoT) devices, such as digital video recorders,” says Lutz Blaeser, MD of Intact Security, a provider of Bitdefender security solutions.
He says research indicates that around 70% of the world’s organisations now operate, at least on some level, in the cloud. “The benefits of cloud are numerous. Lowered and fixed expenses, greater flexibility, automatic software updates, improved collaboration, as well as the flexibility to work from anywhere at any time. It’s no surprise then that the adoption of cloud services is only set to increase in the future. However, alongside these benefits come a slew of security issues.”
At the same time, the increase in use of cloud services goes hand in hand with an increased risk to business disruptions due to widespread outages from some dependency in the cloud that is affected. “For example, a disruption in Google maps would have a roll-on affect on many other services. Similarly, an attack on Facebook’s authentication services could affect numerous other applications and Web sites that rely on Facebook authentication for users’ access. This is exactly what happened to the sites and services that were dependent on Dyn’s DNS services.”
However, it isn’t only DDoS attacks that could compromise cloud services, he says. “Take a look at the data breach at Target, which resulted in the loss of personal and credit card information of many millions of people. This breach was only one of many that affected businesses during the daily processing and storage of information. Whichever way you look at it, cloud computing has brought with it significant new vectors for attacks.”
As with all platforms and technologies, there is no silver bullet for cloud security. “While many of the past attacks on cloud systems haven’t been ‘new’ attacks per se, rather old ones that are aimed at cloud systems, Web application attacks constituted the majority of breaches this year. These attacks have included cross-site scripting, SQL injection, broken authentication and suchlike,” Blaeser says.
According to him, there are many other types of attacks that are worrying to organisations: Application weaknesses, targeted attacks and advanced persistent threats (APTs), new and sophisticated malware, access management and many others.
“Take APTs for example. Once they have gained a foothold into a company’s systems, irrespective of whether that system is a cloud system, an on-premise or Web application, they will exploit any vulnerabilities that exist to entrench themselves on the network, or use the compromised system as a stepping stone to attack other systems.”
And these attacks are costly. “The full financial impact of an attack is hard to determine. There are quantifiable costs such as loss of money, data and intellectual property, there are other costs such as damage to reputation, loss of customer confidence and similar, that are near impossible to measure.”
At the end of the day, the more businesses rely on cloud services, and the more the interdependence between these services escalates, the more the security posture of all these services matters, Blaeser concludes.
Behind the scenes – Intact Software Distribution is a dedicated software distributor focusing on providing a full range of security software solutions, coupled with the service performance and know-how of an experienced and specialised solution provider. Intact Security provides a focused approach to support and technical knowledge transfer in association with the channel. Where required, the company assists with implementation of the products. Intact Security is specifically focused on customer satisfaction, providing an all-round peace of mind scenario which results in collaborative engagements facilitating clients’ needs and requirements.
- Abundance is not what’s in your wallet | #Insight | #LunchtimeSeries | Kevin Britz | Naomi Basson | #Podcast | #ebizradio - October 18, 2021
- How important is Employer Branding to you and your business? | #Insight | #HR | Pabi Mogosetsi | UNIVERSUM | #Podcast | #ebizradio - October 18, 2021
- Motoring News | Diesel and Dust | Tumelo Maketekete | #Motoring | #ebizradio | #Podcast - October 15, 2021
- How is AI going to affect both Business and the Advertising landscapes? | #Marketing | #LunchtimeSeries | Kevin Britz | Craig Page-Lee | #ebizradio | #Podcast - October 15, 2021
- How do youth actually consume content? | #Entrepreneur | #WordOfMouth | Lindi Tshabangu | Khathutshelo Bapela | #Podcast | #ebizradio - October 14, 2021
- Since SA has have moved to level 1 lock-down, what effect is this having on the markets? | #Insights | #Trading | Zihad Israel | CMTrading | #ebizradio - October 14, 2021
- Behind the scenes with a Theater Producer | #BusinessBrunch | #Insight | Björn Salsone | Bernard Jay | #Pantomime | #Podcast #ebizradio - October 12, 2021
- Now is the time to make money in this market | #Insight | #Money | Daniel Kibel | CMTrading | #ebizradio - October 11, 2021
- How Trade Specialisation might make you a rich Forex trader | #Insights | Finance | Tope Ijibadejo | CMTrading | #ebizradio - October 8, 2021
- Who are and why are these South Africa’s brands ranked the most valuable? | #Marketing | #Insight | Kevin Britz | Craig Page-Lee - October 7, 2021