Threats in the cloud: a navigator’s guide

Amid the scramble to adopt cloud-based services in the wake of the global pandemic, many businesses have unwittingly put themselves at significant risk of cyber-attack…

Like bees to a honeypot, hackers are drawn to the glut of valuable information increasingly stored online. Even pre-Covid, 48% of companies were keeping intellectual property and business intelligence in the cloud, while around 43% were storing information on customers [source: SANS Institute]. We were already seeing a growing number of attacks (ranging from the mundane to the highly complex and targeted), but since coronavirus the rise has been even more marked.

When you sign up for a cloud service, it is your responsibility to secure the information you store and process there, not the provider’s. But only by understanding the nature of the threats you face can you begin to mitigate them effectively. So we thought we’d give you a helpful primer on some of the main ones we’re seeing.

Malware everywhere

Malware’s a catch-all term for any piece of malicious software that clandestinely finds its way onto a system – be it a laptop, smartphone, desktop, server or some attached device. It could be doing anything from stealing information such as logins and passwords (currently the dedicated purpose of a third of all malware we find) to taking full control of the device (in order, for instance, to spread more malware or launch attacks on other, potentially more valuable, systems).

Often, users are tricked into installing malware – for example, by clicking on an infected link or email attachment, or by installing a rogue app. More insidiously, a growing number of variants invisibly install themselves by exploiting bugs or unpatched holes in another piece of software you’re running, often the device’s operating system itself. Increasingly, and most worryingly, simply visiting an infected website can cause a device to become infected – with no action required on the user’s part. If a remote user’s device has been compromised, and they also use that device to access your cloud services, they could unwittingly be giving hackers access to your data and systems.

Ransomware running rampant

Another growing threat is ransomware, a specific type of malware that encrypts an organization’s data and prevents it from accessing its systems until it pays a ransom fee. Typically, we’re seeing ransomware deployed as a secondary attack, once a device with access to a target organization’s cloud systems has already been compromised by other malware. From here, attackers can upload the ransomware to your cloud service (for example, by embedding it in seemingly innocent documents, files or links) where it can be inadvertently launched by one of your employees inside the organization’s firewall. That way, it’s able to bypass any security you may have set up to detect malware on people’s devices or at the perimeter of your network.

While up-to-date security software on a device should catch known threats, more advanced hackers – especially when attacking valuable targets – will deploy previously unseen (so-called ‘zero-day’) threats, which can’t be detected by traditional antivirus (AV) software. And although AV is often installed on home laptops and desktops, many users are less than diligent about keeping it updated. In addition, most smartphones and tablets (which are increasingly being used by remote users to access their employer’s cloud services) typically remain unprotected.

The human
