The Importance of Remaining Vigilant When Your Critical Data is in the Cloud

One of the more ubiquitous concepts in today’s technological lexicon, and one that is often not fully understood by the individuals who engage with it daily, is ‘The Cloud.’ Most of us are aware enough to know we aren’t talking about the tropospheric (stratospheric or mesospheric) phenomenon but something equally ethereal and complex. When we talk about cloud technology, the reference is to remote servers accessed over the internet to store, manage, and process data instead of local servers that reside on an organization’s premises.

The critical component of differentiation for understanding the Cloud is that it is remote, Internet-based, and entirely inaccessible if you are without an Internet connection.?

The National Institute of Standards and Technology (NIST) identifies five core components required to fit the definition of Cloud computing:

1. On-demand self-service: tasks related to completing cloud-based functions without having to depend on a human being each time
2. Broad network access: the service can be accessed via a variety of common tools, including laptops or cell phones.
3. Resource pooling: numerous different resources can serve multiple different clients simultaneously and in countless different ways
4. Rapid elasticity or expansion: from a user perspective, the capacity of the cloud resource appears infinite as it scales to meet network demand
5. Measured service: the capacity for resource usage (i.e., bandwidth or storage size) can be quantified and provided to both the user and provider of cloud services(Source used for definitions: https://csrc.nist.gov/glossary )

Now that a basic, working understanding of the Cloud has been established, it is important to understand some of the significant challenges and threats associated with this cyber space. Because the Cloud is readily available for its benevolent users, it is necessarily also available to malicious actors seeking to disrupt this environment that houses immense amounts of personal and sensitive information. The nature of threat actors is to understand technological innovations to find pathways of intrusion and disruption. At SpearTip , our team has seen a variety of threat types associated with the growth of Cloud usage.

With increased Cloud usage, there has been a tremendous increase in Business Email Compromise (BEC) attacks, which involve unauthorized access to corporate email accounts for fraudulent activities. Cloud computing can amplify BEC risks due to widespread reliance on shared cloud-based email services, making it challenging to secure against sophisticated phishing and unauthorized access attempts. Additionally, and closely related to BEC attacks, is the growing threat of account takeover (ATO). This involves unauthorized access to user accounts. Cloud computing can exacerbate ATO due to centralized authentication systems and shared resources, making preventing and detecting breaches across diverse, interconnected services challenging.

One technology developed to prevent such attacks, which is extremely effective in most cases, is Multi-factor authentication (MFA). With MFA enabled, users are forced to not only include a password to access their cloud account but also a one-time use token or text passcode. Threat actors, though, have created MFA bypass methods that circumvent these additional security layers, typically by placing themselves—or their own software—between the user and the remote server. Cloud computing can pose challenges due to centralized MFA services and shared infrastructure, creating potential vulnerabilities if not properly secured.?

A fourth challenge associated with increased Cloud usage is wire transfer fraud, a cyberattack that often originates following a successful phishing or social engineering campaign. Wire transfer fraud involves deceptive practices to initiate unauthorized fund transfers. Cloud computing can exacerbate the issue due to remote access vulnerabilities and shared infrastructure risks.

How To Respond to Cloud-Based Challenges

Given the immense challenges brought on by the increase in cloud computing, organizations must protect their critical assets and sensitive data. Cloud monitoring capabilities empower businesses to safeguard operations and protect their environment against the threats mentioned above. Impactful cloud monitoring services, which are typically deployed at the endpoint level, help elevate cybersecurity posture by providing high-level insights with a unified monitoring and alerting system, some of which are supported by a 24/7/365 Security Operations Center (SOC) that leverages the tools embedded in the software to respond to and remediate threats within an affected environment.

Beyond cloud monitoring services, individuals and organizations must engage in training to better learn how to identify and respond to suspected attacks. All four featured cloud-related threats involve user error or human susceptibility in some form. In fact, according to Verizon ’s 2023 Data Breach Investigations Report, “74% of all breaches include human error, privilege misuse, social engineering, or stolen credentials.” Addressing these preventable issues and reversing the trend is necessary to limit the harmful threats of cloud computing. Educating yourself and your team on how to identify and adequately respond to all manner of cyber threats that could negatively impact your organization is imperative.

Because the Cloud is ubiquitous and proliferating, its continued presence is all but guaranteed. That does not mean, however, that the same has to be true with Cloud-based cyber attacks.

In the United States, Zurich Resilience Solutions managed security services are provided by SpearTip, LLC. Copyright ? 20xx SpearTip, LLC