Companies such as Google, Amazon or Microsoft dedicate colossal budgets to ensure the infrastructures with which they provide their services or those that companies “rent” on cloud platforms such as Azure, Google Cloud service or AWS. However, despite the security of these systems, the data, applications and services that are implanted in them are not always secure and remain a very interesting target for attackers.
If you have part of your infrastructure in cloud services, there are quite a few very important vulnerabilities to which they are still exposed if you do not take precautions and we will see these which we must take measures to protect ourselves.
▸Denial of service (DoS) attacks
DoS attacks are designed to stop machines or services and prevent users from accessing their data or applications. By forcing a cloud service to consume excessive amounts of resources such as processor power, memory, storage, or bandwidth, attackers can slow down legitimate users’ systems or even leave them without access.
▸Abuse use of cloud services
Cloud services with poor security measures, versions and test services offered in them and account registration using fraudulent means of payment such as stolen cards can cause these cloud services to be attacked in many different ways, according to CSA. Attackers can use these cloud services to create attacking bots towards users, companies, or even other cloud services.
▸Data loss
Data in the cloud can be lost for reasons other than an attack: an accidental deletion by the service provider or a catastrophe such as a fire or earthquake can cause permanent data loss. Therefore, both the provider and the user must take security measures to have a backup of the most important data.
▸APT (Advanced persistent threats)
Persistent Advanced Threats are a form of attack that infiltrates systems to compromise a system that houses valuable information, but can also be to establish a foothold in the infrastructure of the companies that it is trying to attack, and from which steal data. APT pursue their targets stealthfor long periods of time, often adapting to security measures designed to defend against them.
▸Account theft
Account or service theft is not new, but cloud services add a new threat. If attackers gain access to a user’s login details, they can intercept activity and manipulate data, return falsified information, and redirect users to deceptive sites. With stolen credentials, attackers can access critical areas of cloud services to cause greater damage or carry out larger data theft.
▸Systems vulnerabilities
System vulnerabilities are exploitable bugs in programs that attackers can use to infiltrate a system to steal data, take control, or disrupt service. Operating system vulnerabilities put security at risk
▸Data breaches
A data breach or theft of these can be caused by a targeted attack or the result of human error, as well as vulnerabilities in an application or simply poor security practices, in this case it can be any type of information that should not be done public information, such as health, financial, personally identifiable information, trade secrets, and intellectual property. Of course, this data theft can take place both in cloud infrastructures and in those based on those of the organization itself.
