Cloud computing spend increased by a third in 2020. Amazon maintained its majority market share at 31% and enjoyed a 28% growth over the third quarter. Microsoft also benefited, with lockdown placing a high demand on Teams, Windows Virtual Desktop and other services running on Azure.
This isn’t surprising, given how the pandemic instigated a mass transition into working from remote workplaces. Perhaps less predictable though, was how this growth in users led to an increase in the number of cyber-attacks.
More businesses operating online means greater opportunities for cybercriminals. New forms of attack are created every day, designed to outwit any protective methods or cybersecurity in place. And the repercussions of a successful attack can be devastating for a business of any size.
So, what kind of attacks do you need to be prepared for in 2021?
An advanced persistent threat is an attack where an unauthorised user gains access to a system or network and hides there, intending to steal data. While cloud architecture is strong, it has a flexibility when it comes to creating new instances and running virtual machines that, if not secured, lets malicious actors launch persistency attacks.
To automate some of the development process, cloud platforms make it easy for developers to build an environment in an on-off manner. However, these features also allow bad actors to plant persistent threat attacks. Due to the automatic nature of these cloud platforms, a well-placed persistent threat attack can move laterally through your infrastructure.
This allows them to either steal data, or acquire privileges to further exploit your assets. It is preventable, however. For example, if your administrator is proactive, they can add security features such as requiring developers to log in each time they return to an environment.
A bot attack or a botnet attack is the result of a collection of devices infected by malware that can be controlled by bad actors. They’re used to gain authorised access, perform data theft and launch DDoS (distributed denial of service) attacks.
Even the cloud isn’t entirely free of bots. In fact, increasingly, ‘bad bots’ can be found in cloud-based data centres. In the wrong hands, they can be used to enslave cloud infrastructure and perform tasks such as cryptomining (a crime considered to be more dangerous than ransomware) where hackers gain unauthorised access to your infrastructure to mine cryptocurrency.
This threat continues to evolve, and we’re now faced with variations of cryptomining that specifically have the ability to steal AWS credentials. It’s possible to avoid this by limiting access to this kind of data, but that relies on proactive administrators knowing what to protect.
Both of the above threats can be prevented if you have the internal expertise to handle them. The trouble is, most organisations don’t. According to the Cloud Security Alliance, 34% of businesses currently avoid the cloud because they don’t believe they can support it.
And they’d be right. As cloud computing grows, we see its skills gap widen. The average enterprise now uses five cloud platforms, which understandably starts to complicate things. This means inexperienced architects are more likely to leave your business exposed not just to hackers, but also to regulatory mandates.
That’s not all. Failing to follow legislation rules such as GDPR, FISMA or HIPAA, could find you facing an investigation that costs more than a cyber-attack. Working with a cloud provider doesn’t make you immune. Most platforms even have a shared responsibility model to highlight your data protection responsibilities.
Aside from brushing up on your cloud knowledge, the best course of action is to assess your current cybersecurity strategy and check for any gaps. Ensure your team is proactive, prevent access to bad actors, and encourage all administrators to pay close attention to new or potential threats.
Need a little extra help securing your cloud platforms?