Moving to the Cloud? Buckle Up!

save
Share and earn Cybytes
Facebook Twitter Google+ LinkedIn Email

Moving to the Cloud? Buckle Up!

POSTED BY RYAN TROST

What seems like a million years ago, before “real” password management and Active Directory, user passwords were stored locally on each device itself.  This caused regular maintenance to be a monumental effort and as such, a centralized password manager was built. This effort benefitted system and network administrators but also provided a huge benefit to attackers as now compromising an account or two offered significant lateral movement options.  Why steal the milk when you can steal the cow?! […or something like that]

Fast forward and organizations have been slowly and steadily moving to cloud – whether offloading an enterprise-wide application like email, leveraging a third-party service such as SFDC/Box/GitHub, or leveraging third-party hosting infrastructure like AWS.  At face-value the benefits outweigh the downfalls. But the security shortcoming is a biggie.

In most of these situations your security team will lose visibility into that environment!  Most reputable cloud services will offer a security alert feed, but it likely won’t be as granular or flexible as the team will need, or in a digestible file format. This leaves the organization blind and completely reliant on the cloud provider’s internal team.  Admittedly, most large service providers have very large security teams…some of the best in the industry actually! But those teams are hamstrung by the inverse problem – only having access to what they see and not the full picture.

So now, put yourself in the shoes of an attacker.  Historically you’ve been targeting individual companies – one-by-one via script or hands on a keyboard launching your attack against 20 to 30 different companies either at once or staggered across a couple of campaigns.  Seems like a big hassle. Particularly when you suspect 85% of your targets are leveraging a similar cloud provider for some aspect of their business. Why not target that provider and grab access to all your victims at once?!  Not only are there efficiencies to be gained, but it also creates some obfuscation…ding, ding, ding! Sounds like a winning strategy.

With all organizations moving to some form of cloud, it’s pretty reasonable to assume every attacker — whether nation-state, crimeware, etc. — is now aiming attacks against these bigger targets in order to find that initial foothold into the unwitting downstream victim.  So as companies move to cloud hosts, buckle up — because it’s just a matter of time before implosion.

The post Moving to the Cloud? Buckle Up! appeared first on ThreatQuotient.

Share this post and earn Cybytes
Facebook Twitter Google+ LinkedIn Email
Follow
80 Followers
About ThreatQuotient
ThreatQuotient™ understands that the foundation of intelligence-driven security is people. The company’s open and extensible threat intelligence platform, ThreatQ, provides defenders with the context, customization and collaboration needed to ensure that intelligence is accurate, relevant and timely to their business. Leading global companies are using ThreatQ as the cornerstone of their threat operations and management system, increasing security effectiveness and efficiency. For more information, visit http://www.threatquotient.com.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play
 

Support Cybrary

Donate Here to Get This Month's Donor Badge

 
Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel