Cloud services targeted by cyber criminals - Starline Computer: Storage und Server Lösungen von erfahrenen Experten
/ / / Cloud services targeted by cyber-criminals

Cloud services targeted by cyber criminals

Why you should perhaps opt for local solutions after all.

In July 2023, the security company Wiz announced that it had succeeded in identifying a stolen Microsoft key. This key could be used to access a customer's Azure environment and steal confidential data. Wiz shared that the key was offered for sale on a darknet forum.

The discovery of the key is proof that cloud platforms are a potential target for cyberattacks, and businesses that use cloud services should be aware of this. They should therefore take appropriate security measures to protect their cloud environments or rely on on premises solutions.

Security risks of cloud computing

  • Loss of visibility
  • Compliance breaches
  • Lack of cloud security strategy and architecture
  • Insider threats
  • Contractual breaches
  • Insecure application user interface (API)
  • Misconfiguration of cloud services
Cloud Parachute

Not the first time

The last incident, after all, was not long ago: A security vulnerability was discovered in the Microsoft Azure cloud platform as early as January 2023. The vulnerability was classified as CVE-2022-30196 with a severity of critical. It could be used to execute remote code and potentially gain access to sensitive data or systems.

This vulnerability affected the Open Management Infrastructure (OMI), a software component in Azure used to manage Azure resources. The vulnerability could be exploited by a malicious attacker sending a specially crafted request to an OMI instance. This allowed the attacker to execute arbitrary code on the OMI instance, including accessing sensitive data or causing denial of service attacks.

The response

Although Microsoft quickly fixed the vulnerability and released an update for Azure, the loss of trust remains - regardless of the fact that customers were asked to install an update as soon as possible.

The Azure vulnerability is an example of how cloud platforms can also be vulnerable to security breaches. Companies that use cloud services should be aware that they are a potential target for cyber attacks. They should therefore take appropriate security measures to protect their cloud environments.

This is how you increase the security of cloud environments:

  • Use strong passwords and enable multi-factor authentication.
  • Restrict access to authorised users.
  • Use a firewall to block unwanted access.
  • Conduct regular security audits.
  • Use cloud-native security solutions.
  • And as always, install all updates as soon as possible.

Documented incidents of security vulnerabilities in cloud applications:

  • 2017: Equifax, a credit agency, suffered a massive data breach in which personal data of around 147 million people was stolen. The vulnerability was due to an unpatched Apache Struts vulnerability.
  • 2019: Security researchers from Check Point Research discovered a vulnerability in the Amazon Web Services (AWS) cloud platform that allowed attackers to gain unauthorised access to customer data.
  • 2019: An attacker exploited a vulnerability in a firewall to access an AWS instance and steal data from over 100 million Capital One customers.
  • 2019: An intruder gained access to a Docker Hub account and infected a variety of official Docker images with malicious code.
  • 2020: During the COVID-19 pandemic, security concerns were raised about Zoom as some vulnerabilities compromised user privacy. Unauthorised persons may have been able to participate in or disrupt private video conferences.
  • 2020: A vulnerability in the Google Cloud Storage API allowed attackers to gain unauthorised access to customer data.
  • 2020: A large-scale outage in Google Cloud services caused disruption to numerous websites and services that used Google infrastructure. 
  • 2021: Security researchers discovered a vulnerability in the Microsoft Azure SQL Database that allowed attackers to gain unauthorised access to customer data.
  • 2021: A vulnerability in the Microsoft Exchange cloud application led to emails and other data from more than 30,000 organisations being accessed.
  • 2022: A vulnerability in the VMware vCenter Server appliance allowed unauthorised access to customer data.
  • 2023: Security researchers at Wiz discovered a vulnerability in the Microsoft Azure cloud platform that allowed attackers to gain unauthorised access to customer data.
  • 2023 and before: Several cases were reported where Amazon Web Services (AWS) S3 buckets were not properly configured, resulting in confidential data being publicly available on the internet.

Learn more about cloud security:

https://kinsta.com/de/blog/cloud-sicherheit/

https://www.bsi.bund.de/DE/Themen/Verbraucherinnen-und-Verbraucher/Informationen-und-Empfehlungen/Cloud-Computing-Sicherheitstipps/Cloud-Risiken-und-Sicherheitstipps/cloud-risiken-und-sicherheitstipps_node.html

https://www.computerwoche.de/a/sicherheitsrisiken-in-der-cloud,3224964

https://www.heise.de/news/Microsoft-warnt-vor-neuen-Angriffen-auf-Sicherheitsluecken-in-Exchange-Servern-6002877.html

https://www.heise.de/news/Zoom-schliesst-Sicherheitsluecke-in-Videokonferenzsystem-4710228.html

https://www.heise.de/news/Capital-One-Hackerin-zu-fuenf-Jahren-Haft-verurteilt-6002519.html

https://www.heise.de/news/Neue-Erkenntnisse-Microsofts-Cloud-Luecken-viel-groesser-als-angenommen-9224640.html

https://www.golem.de/news/horror-szenario-wird-wahr-cloudanbieter-verliert-kundendaten-durch-hackerangriff-2308-177014.html

 

Do you need advice on this?

We are glad to help!

BW
Bernd Widmaier
Sales

Sales manager and expert in vertical markets and in Mac, video storage and media streaming.