Attack vectors

The cloud is helping to speed up the digital transformation of enterprises, yet this very speed of transformation can exacerbate the security risks already plaguing the digital world.

Before analyzing the methods that cybercriminals use to attack the critical infrastructure of organizations, it is important to highlight the different types of cloud storage that can be used:

  • Public cloud (the most common)
  • Private cloud
  • Hybrid cloud
  • Multicloud

These four types of data storage offer numerous cloud computing services that can be accessed remotely via the internet:

  • Infrastructure-as-a-Service (IaaS) offers a cloud computing infrastructure on-demand and according to the needs of companies (e.g. AWS, Microsoft Azure);
  • Platform-as-a-Service (PaaS) provides developers with cloud components that they can use to create custom applications (e.g. Windows Azure);
  • Software-as-a-Service (SaaS) uses the internet to provide users with applications designed, developed, and managed entirely by an external provider (e.g. Google Workspace, Dropbox).

The question we will answer in the following lines is: how do hackers attack cloud services?

Here are some of the main attack vectors:

  • Incorrect configurations: maintaining cloud security configurations is considerably complex, and the risk of configuring an asset incorrectly is high, especially when an organization is at the beginning of a cloud migration or is working with a new provider;
  • Authentication and access control: access control in cloud environments is more complex than in an internal network, which creates more opportunities for misconfigurations;
  • API configuration: APIs (Application Programming Interfaces) used to access cloud resources can be misconfigured and used by hackers as an attack vector;
  • Patching: failure on the customer's side to update and patch its own operating systems and applications. Such oversights and negligence can pose great dangers and expose the organization to external attacks, such as DDoS and malicious software.

Among these attack vectors, misconfigurations may seem trivial, but they are the most significant risk to this type of storage.

Cloud services encompass a multitude of interconnected settings, policies, resources, and services, which makes them a sophisticated environment that is complex to understand and configure correctly. This is especially true for organizations that have been forced, for one reason or another, to migrate to the cloud rapidly. Unfortunately, problems can ensue when businesses start using a new technology too quickly without fully understanding its complexity.

As an attack vector, misconfigurations can be very dangerous and have been the reason for massive data breaches in recent years.

Cloud attacks and data breaches

Among the most significant risks to cloud environments, a breach of sensitive data is certainly the most impactful. For example, in 2020, the adult website CAM4 inadvertently disclosed 10.88 billion records that included users’ personally identifiable information (PII), payment records, and password hashes due to an insecure Elasticsearch database.
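The following is an added example, not part of the original article: a small audit for the kind of misconfiguration discussed above, applied to Elasticsearch settings. The sample configurations are constructed, and the rules (flag a non-loopback bind without explicit authentication or HTTP TLS) are an assumed policy, not a description of what went wrong in the CAM4 case.

```python
# Added example: audit flat "key: value" Elasticsearch settings for exposure.
# Both sample configs are constructed for illustration.
WEAK_CONFIG = """\
cluster.name: prod-logs
network.host: 0.0.0.0
xpack.security.enabled: false
"""
HARDENED_CONFIG = """\
cluster.name: prod-logs
network.host: 10.0.4.12
xpack.security.enabled: true
xpack.security.http.ssl.enabled: true
"""
LOOPBACK = {"127.0.0.1", "localhost", "_local_", "::1"}
ALL_INTERFACES = {"0.0.0.0", "::"}

def parse_flat_yaml(text):
    """Parse flat 'key: value' lines (no nesting or lists); skips comments."""
    settings = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line or ":" not in line:
            continue
        key, value = line.split(":", 1)
        settings[key.strip()] = value.strip().strip("\"'")
    return settings

def audit(text):
    """Return a sorted list of finding codes for the given config text."""
    cfg = parse_flat_yaml(text)
    host = cfg.get("network.host", "_local_")  # unset means loopback only
    exposed = host not in LOOPBACK
    # Assumed policy: security settings must be explicitly "true", because
    # the default for xpack.security.enabled differs between major versions.
    auth_on = cfg.get("xpack.security.enabled", "").lower() == "true"
    tls_on = cfg.get("xpack.security.http.ssl.enabled", "").lower() == "true"
    findings = []
    if host in ALL_INTERFACES:
        findings.append("BINDS_ALL_INTERFACES")
    if exposed and not auth_on:
        findings.append("NETWORK_EXPOSED_WITHOUT_AUTH")
    if exposed and not tls_on:
        findings.append("NETWORK_EXPOSED_WITHOUT_TLS")
    return sorted(findings)

if __name__ == "__main__":
    for name, sample in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(name, audit(sample) or "no findings")
```

A check like this covers only the node's own settings; whether the port is actually reachable from the internet also depends on firewall and security-group rules outside the file.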

Author: D Groove
Full article on: https://www.dgroove.it/gli-attacchi-informatici-sul-cloud/9074/