Cyber Security Breaches in Cloud Computing

Cloud computing has been adopted by almost every organization due to its various benefits and work flexibility. However, with this adoption of the cloud, certain cybersecurity issues have been observed in cloud computing.

Approximately 94% of organizations are moderately to extremely concerned about cloud security and feel the need to take preventive measures against breaches in cloud computing. It has become a priority to ensure that the organization’s cloud security strategy can protect against the top threats to cloud security.

Cybernetic Global Intelligence observed that organizations ranked the biggest security threats to public clouds as Configuration (68%), followed by Unauthorized Access (58%), Insecure Interfaces (52%), and Hijacking of Accounts (50%). However, a significant increase has been observed in stealing data (hacking) from cloud databases.

Here we discuss some of the latest examples of cybersecurity breaches in cloud computing.

1. Health Data Breaches

The news of a data breach came from 20/20 Hearing Care Network. In this case, an actor hacked into the provider’s Amazon Web Services cloud storage bucket and downloaded or destroyed data.

Around 3.3 million patients were notified that their information stored in the hospital’s cloud database was accessed and deleted by the hacker.

Suspicious activity was observed on January 11 in the cloud storage environment of the hospital. 20/20 hospital was alerted, and the security team quickly took action to secure the impacted systems.

They also launched a report for further investigation. The hospital was engaged with law enforcement, the FBI, and an outside security firm to investigate the hacking case. The destroyed data included names, Social Security numbers, dates of birth, member identification numbers, and health insurance details.

The hospital assured that all impacted patients would receive free credit monitoring with identity theft assistance and insurance. However, the investigation could not determine exactly what information was accessed or removed from the cloud database.

It was stated only that the hacker accessed or downloaded certain information before deleting it completely from the database. Later the hospital analyzed all the information of its member database and health plan partners to identify the individuals whom the security incident could impact.

In such cases, recovering the lost data and validating the relevant database records is important.

2. Ransomware Attackers

An FBI alert in May reported at least 16 Conti ransomware attacks. These attacks targeted US healthcare and first responder networks, including law enforcement agencies and emergency medical services, within the last year. In total, 400 organizations worldwide were hit by Conti.

In the Waikato DHB incident, the cyber attackers uploaded stolen data to MEGA.NZ. Mega was one of two cloud storage services. The Waikato attack used ransomware called Conti, or Zeppelin, in which 220 million account holders’ encrypted files were damaged. One of the indicators of a Conti ransomware attack is large transfers to pCloud servers.
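The indicator described above can be checked against web proxy or flow logs. The following is an added example, not part of the original article: it sums each source host's outbound bytes to the two storage providers named above over a sliding window and flags hosts that exceed a limit. The log format, host names, watch-list domains, and the 2 GB per hour limit are constructed assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed watch list: domains of the two storage providers named in the text.
WATCHED = ("mega.nz", "pcloud.com")

# Constructed proxy log: ISO time, source host, destination host, bytes sent.
SAMPLE_LOG = """\
2021-05-18T01:02:00 ws-114 upload.mega.nz 900000000
2021-05-18T01:20:00 ws-114 upload.mega.nz 800000000
2021-05-18T01:41:00 ws-114 api.pcloud.com 700000000
2021-05-18T01:45:00 ws-207 notmega.nz 990000000
2021-05-18T09:00:00 ws-311 api.pcloud.com 40000000
2021-05-18T03:30:00 ws-114 upload.mega.nz 100000000
"""

def provider_of(host):
    """Return the watched domain that host belongs to, or None."""
    host = host.lower().rstrip(".")
    for dom in WATCHED:
        # Match the domain itself or a true subdomain, not a look-alike suffix.
        if host == dom or host.endswith("." + dom):
            return dom
    return None

def flag_bulk_uploads(log_text, limit_bytes=2_000_000_000, window=timedelta(hours=1)):
    """Map each source to (time, bytes) of its first window total above limit_bytes."""
    events = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4 or not parts[3].isdigit():
            continue  # skip malformed lines
        if provider_of(parts[2]) is None:
            continue  # destination is not a watched storage provider
        events.append((datetime.fromisoformat(parts[0]), parts[1], int(parts[3])))
    events.sort()  # logs may arrive out of order
    recent = defaultdict(deque)  # source -> (time, bytes) still inside the window
    totals = defaultdict(int)
    alerts = {}
    for ts, src, sent in events:
        q = recent[src]
        q.append((ts, sent))
        totals[src] += sent
        while q and ts - q[0][0] > window:
            totals[src] -= q.popleft()[1]
        if totals[src] > limit_bytes and src not in alerts:
            alerts[src] = (ts, totals[src])
    return alerts
```

The limit should be tuned against normal traffic, since hosts that legitimately sync to these services would otherwise be flagged.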

Strong, user-generated end-to-end encryption guarantees that nobody else will have unauthorized access to your data, not even the provider. The provider grants access to user information and data only in extremely limited situations, when it has written assurance from authorities that life or health was at stake. Encrypted accounts must be closed if they are used for sharing stolen or exploitative content.

Legal orders are required for account information to be disclosed. However, it is difficult to identify people with a history of stealing data or to block them from opening an account. It is almost impossible to filter, investigate, or index the whole wide world of a cloud database.

After cloud storage has been hacked, even if the files are encrypted, a provider can access user registration information and IP addresses. This can result in some recovery of data.

3. Cloud-Based Compromises

According to a new report, compromised cloud accounts led to an average financial loss of $6.2 million for surveyed organizations, which accounts for an average of 3.5% of their total revenues over the past 12 months. Hence there’s no doubt that cloud compromise is expensive, and its cost continues to rise.

The Ponemon Institute, commissioned by Proofpoint, surveyed 662 IT and IT security pros in the US to study the business protection of confidential data in cloud databases. It was discovered that cloud-focused attacks are expensive for victims. In most cases, there was a lack of process for cloud-based resources and evaluation of the security.

A 53% increase was reported in the frequency of cloud account compromises, which is a severe issue. Almost 19 cloud compromises on average were observed last year. Exposure of sensitive data in such cloud compromises could cause data theft, business disruption, and reputational damage.

The use of cloud apps and services without IT approval can be a serious risk to cloud data. However, many reports stated that this happens within their organizations. And it is important to understand that the IT team has very little control over corporate data in the cloud database.

According to researchers, an average of 42% of corporate data is stored in the cloud, and IT controls only 27% of the data. As a result, more than two-thirds of cloud services are managed by outside departments rather than corporate IT.

SaaS applications have received a boost and continue to grow. Nearly 80% of respondents said their organizations use SaaS, and approximately 36% of an organization’s business-critical applications depend on SaaS, also known as on-demand software.

Security issues arise when most organizations do not check the security of SaaS apps before using them, or evaluate SaaS apps poorly for security. According to the researchers, there is a lack of centralized accountability for securing SaaS apps.

Organizations have created clearly defined roles and accountability for protecting confidential or sensitive data stored in the cloud database. But when it comes to protecting data in the cloud, organizations rely on encryption, tokenization, and other tools (59%), cloud service access brokers (56%), and private data network connectivity (42%).

Spearphishing, harvesting of user cloud credentials, modification of email forwarding rules, and poor configuration setups for remote access that leave many organizations with vulnerable networks are just some of the key concerns identified during security audits by Cybernetic Global Intelligence cyber security auditors.

Many security issues related to the cloud database are arising. Hence, it is crucial to manage the processes needed to validate the different apps used, the data uploaded into the cloud, the transfers made to the cloud, etc.

Organisations need to ensure that data stored in the cloud meets their corporate cyber security requirements, and that their cloud providers meet the cyber security compliance laws required in each country’s jurisdiction.

Cyber security service provider Cybernetic Global Intelligence (CGI) is a leading Aussie cybersecurity firm with years of experience providing outstanding cybersecurity services. Our cyber security auditors are happy to work with you should you have any concerns in relation to the protection of data. You can call 1300 292 376 or send an email at any time to Contact@cybernetic-gi.com for assistance.
