Cloud Threats Part 1

Time
12 hours 57 minutes
Difficulty
Intermediate
CEU/CPE
13
Video Transcription
00:00
>> Now we're going to talk about some Cloud threats.
00:00
In this lesson, we're going to talk about threats to
00:00
Cloud environments and how these threats
00:00
impact Cloud environments and then also how
00:00
the traditional threats that we often think about in
00:00
cybersecurity change or emphasize
00:00
differently based on the Cloud model or service.
00:00
Unfortunately, the number of threats
00:00
and the nature of them doesn't
00:00
change that much in the Cloud environment.
00:00
However, the presentation and
00:00
the nature of threats are what's different.
00:00
First, external threats.
00:00
This is your typical threat actors who either from
00:00
a financial or political or
00:00
just personal motivation want to
00:00
compromise these Cloud environments
00:00
and impact your organization.
00:00
These external threats, there are so many,
00:00
but most of the common ones are denial of service.
00:00
This is a threat
00:00
to an organization's availability
00:00
in a Cloud environment,
00:00
when a threat actor tries to overwhelm the
00:00
system through either packets of
00:00
information or the worst case is distributed denial
00:00
of service attack when a threat actor uses a group of
00:00
computers to flood and
00:00
try to cover the availability by
00:00
overwhelming a Cloud-based system.
00:00
But there are different technologies and
00:00
mitigations that can be used to sense
00:00
this and address the overflow of traffic
00:00
before it overwhelms the organization's website.
00:00
Then the typical data breaches
00:00
or people who are trying to use
00:00
brute force attacks to try and crack
00:00
the passwords associated with
00:00
various accounts in the Cloud environment.
00:00
Another important one to
00:00
consider are man-in-the-middle attacks.
00:00
Because the Cloud is accessed through the Internet,
00:00
the importance of protecting
00:00
communications in transit
00:00
becomes all the more important.
00:00
In a man-in-the-middle attack, a threat actor is trying to
00:00
compromise the integrity of
00:00
information in transit and
00:00
either modify it or collect it for personal gain.
00:00
The importance of protecting against
00:00
man-in-the-middle attacks becomes most important,
00:00
in a private Cloud environment where
00:00
remote administration is relied on heavily,
00:00
ensuring that that communication is protected or
00:00
remains confidential is very essential.
00:00
Then we have insider threats.
00:00
Now, you see this frustrated individual?
00:00
You might, when you think of an insider threat,
00:00
not necessarily think of
00:00
a sleepy, overworked administrator.
00:00
However, one important thing to
00:00
think about is that in an insider threat,
00:00
these aren't necessarily malicious actions.
00:00
They can be mistakes taken by employees,
00:00
but within the Cloud,
00:00
administrators have more power than ever to change,
00:00
manipulate, scale up, scale out or
00:00
impact customers in these environments.
00:00
Controlling the rights of
00:00
administrators, ensuring that
00:00
no rogue actions are taken,
00:00
this is particularly important in
00:00
the public Cloud environment
00:00
when a single action
00:00
or changing configuration can affect hundreds,
00:00
if not thousands of customers.
00:00
Employees really need to be trained to prevent
00:00
them from acting in
00:00
either negative or irresponsible ways.
00:00
One other type of
00:00
insider threat is escalation of privilege.
00:00
Sometimes, employees are
00:00
restricted in terms of the actions they can
00:00
take lightly, however,
00:00
the shared responsibility of
00:00
the Cloud can often lead employees to
00:00
intentionally increase their privileges
00:00
to execute work tasks that they really want to do.
00:00
Then another aspect of
00:00
insider threats that's important to consider is because
00:00
you're relying on a third party for
00:00
either services or applications
00:00
or multiple third parties,
00:00
it's really important to monitor how people can
00:00
access the environment and whether
00:00
any inappropriate access is going on.
00:00
Then another threat is stolen or lost devices.
00:00
Look at this beautiful scene in
00:00
this cafe and that laptop just sitting there.
00:00
A plump item ready to be snatched away.
00:00
Because remote access is
00:00
such an important aspect of Cloud administration,
00:00
you really have to give more
00:00
consideration to how you protect
00:00
the physical devices that can access
00:00
the Cloud because any device that's stolen,
00:00
if not protected properly or encrypted,
00:00
can provide an opportunity
00:00
for someone to access
00:00
your environment without your permission.
00:00
Then there is just your traditional malware.
00:00
Malware is least impactful in
00:00
the SaaS model because
00:00
people aren't really downloading
00:00
or installing software.
00:00
Infrastructure as a service and platform as a service are
00:00
more susceptible to malware.
00:00
However, given the SaaS solution,
00:00
because of the limitations of how customers are using
00:00
the application, malware is less of a consideration.
00:00
Then overall,
00:00
natural disasters always have to be considered. We'll
00:00
go more into how business continuity and
00:00
disaster recovery play a critical role in the Cloud.
00:00
But it's always important to consider,
00:00
especially when you're thinking about
00:00
where your hosting provider's
00:00
data centers are located.
00:00
What natural disasters could impact availability
00:00
of your services? Let's reflect a moment.
00:00
Which threats are most applicable to
00:00
your organization and how
00:00
would you address these threats?
00:00
We want to think in
00:00
domain through that you're in the driver's seat,
00:00
you're accountable for setting up
00:00
this Cloud infrastructure and
00:00
protecting these Cloud environments.
00:00
Really, consider which of
00:00
these threats that we will discuss applicable
00:00
to your business case and your responsible.
00:00
How are you going to address these?
00:00
In summary, we talked about some of
00:00
these common Cloud threats,
00:00
and then we talked about how the Cloud changes
00:00
the impact of traditional threats,
00:00
as well as how different types of Cloud models
00:00
are more or less
00:00
impacted by the threats that we've described.