Blog A3Sec

Cybersecurity in the cloud, the keys to navigate in this digital wave

Written by Javier Díaz Evans, Director General Global | 18 August, 2022

Adoption of cloud solutions has advanced rapidly in the last two years as more organizations migrate their operations to the digital world driven by the pandemic. Global spending on such services is expected to reach US$482 billion by 2022, up 54% from 2020, according to estimates from U.S. consultancy Gartner.

Companies are accelerating in their race to migrate to the cloud as they advance in the development of platforms and other types of technological solutions for their operations that require this support for large flows of information, while many remote tasks demand these capabilities in the cloud, as analyzed by the specialized firm A3Sec.

But as this happens, cyber attackers have also identified the cloud as a target that is likely to be attacked - and above all very lucrative - forcing companies to reduce their attack surface from a prevention perspective with best practices and automated tools that today make it possible to shield critical information from these threats.

"Malicious actors will continue to use low-effort but high-impact strategies to gain access to cloud applications and services," anticipates Japanese multinational Trend Micro in a 2022 threat report.

Beyond the exploitation of new vulnerabilities in the information management on the cloud, which is eventually happening, the cyber attackers continue to appeal to strategies already known within the world of cybersecurity, against which there are shields that many companies do not use either by ignorance or by low investments in that division which make them vulnerable.

These attacks are mainly based on the identification of gaps in the organizations' cybersecurity policies regarding the cloud, ranging from basic aspects such as not rotating access keys and including double authentication of users or impersonation through emails, to exploiting unprotected information in SaaS applications and services.

Trend Micro also warned that these cybercriminals "will use the principles of the lateral shift movement in their attacks targeting DevOps tools and cloud integrated development environments (IDEs)."

 

The costs of attacks in the cloud, one more reason to protect yourself

The data stored in the cloud are among the most valuable assets of companies today, so exposing them can mean millions of dollars in losses for corporations, not only for the damage caused, but also because of the potential loss in users that can be triggered by the breach.

In its report Cost of a Data Breach: A view from the Cloud 2021, the U.S. technology firm IBM calculated the average cost of cyberattacks on cloud infrastructure according to their kind, such as public, private or hybrid cloud.

According to the report, the attacks that cause the greatest losses to organizations worldwide are those directed at the public cloud, which are estimated at US$4.8 million on average. On the other hand, the leaks that generate the least associated costs are those against the hybrid cloud, which are estimated at US$3.61 million in 2021. (IBM chart).

With the rise of cloud services, the cyber attackers focus their malicious campaigns on these infrastructures and try to identify breaches that can go unnoticed by corporate security teams for a long time before they are exploited.

Last year, for example, IT experts referred to vulnerabilities that at least since 2019 afflicted Microsoft Azure, the U.S. tech giant's cloud computing service.

A flaw in a database could expose the information of some 3,300 companies that use the service by allowing third parties not only to steal this data, but also to edit and even delete it, according to the specialists of the firm Wiz, who identified these vulnerabilities.

 

The security cannot be an obstacle for the migration to the cloud

According to A3sec, despite the challenges in cybersecurity and the challenging strategies of cyber attackers, companies cannot ignore the advantages of the cloud in their operations and therefore it is important that they do not stop their migration to these solutions.

According to figures from International Data Corporation (IDC), spending on cloud infrastructure and storage totaled US$21.1 billion worldwide in the fourth quarter of 2021 alone, an increase of 13.5% over the same period last year (IDC chart).

With these figures, the latest available from IDC, spending on cloud services reached $73.9 billion last year and marked an 8.8% increase, beating the difficulties generated by the logistics crisis in the world and the lack of inventories in this market that continues its course after the momentum generated by the pandemic when the remote model triggered the digitization of operations in many industries.

"As backlogs continue to grow, the pent-up demand bodes well for future growth, as long as the economy remains healthy and supply catches up with demand," he forecasts in this March 2022 report.

 

The strategies supporting the migration to the cloud

A3sec's IT security experts state that it is important that cybersecurity policies in the cloud are based on the concept of shared responsibility, under which the cloud service provider must ensure the correct operation of the infrastructure and network so that no leaks are generated in the different processes, while customers must ensure the correct operation and configuration of the systems to keep them secure.

The attitude of the clients of these services towards cybersecurity is key to avoid information leaks that, by adopting the right measures, would be avoidable. In this regard, a 2021 report by technology company Verizon concluded that erroneous actions contributed to 17% of data breaches that year.

In addition, companies in the cybersecurity sector, such as the Slovakian ESET, recommend a series of measures that include carrying out a continuous audit in order to check that cloud cybersecurity policies are complying with the standards required by the business.

Likewise, companies are invited to appeal to prevention and compliance, adopting actions that can be decisive in the event of an attack, such as encrypting critical data for the operation, restricting permissions to users who can access the cloud and adopting automation so that system configurations are always correct, minimizing human errors that can lead to costly responses and reputational blows that are difficult to heal.