School of Information Systems

CLOUD SECURITY AWARENESS

… (Continued….)

DENIAL OF SERVICE

Denial of service is a security attack that affects cloud users by restricting them from accessing hosted applications. The attack compels the cloud service to consume system resources, such as disk space, processing power, or network bandwidth. This type of attack results in a non-responsive service leading to potential financial losses and destroys the reputation of the cloud provider. Cloud services on the Internet are commonly the target of Distributed Denial of Service (DDoS) attacks. The attacks can be DNS amplification attacks, SYN floods, asymmetric application-level attacks, and malformed UDP and TCP packets. During Asymmetric application-layer attacks, an attacker takes advantage of cloud resource vulnerabilities, like web servers and databases that help him or her to take out a service using a small payload.

Neustar examined the global outbreak of DDoS attacks throughout all sectors, but gave Healthcare IT News with a healthcare-specific report.

Its analysts found that DDoS attacks have increased by 13 percent since 2016 on the healthcare industry. Furthermore, the U.S. suffered 14 percent more attacks compared to its global counterparts.

Even more shocking, of the 2017 DDoS attacks on healthcare, 45 percent of all the organizations concluded that the attack was from an outside party. And of these attacked organizations, more than half were not informed by IT about it.

Businesses can detect DDoS attacks by tracking the traffic for significant amplification of the number of packets-per seconds. There are some cases where the service stays available for users, but the used bandwidth to get to the service can be consumed, leading to unworthy or unreachable service.

THREAT-ORIENTED INTERFACES AND APIs

Cloud customers can get access to a set of APIs provided by the cloud vendors to manage the cloud services. These interfaces are used for provisioning, orchestration, management and tracking. The security of the cloud services depend on this APIs security, and so they should be designed with security in mind to safeguard against attempts to circumvent the security policy.

There are some cases when security risks are instigated by the providers along with custom services that are developed on top of these interfaces. It is essential that cloud customers know the full extent of the security implications related to the management, using and monitoring of Cloud Services. A weak interface set poses cloud consumers to security threats associated with availability, integrity, and confidentiality of data. Various platforms ensure cloud security, and you can dive in deeper of cloud computing by taking training like AWS training from experts.

CLOUD SERVICES ABUSE

The cloud services abuse is a threat that emerges from the fact that an attacker can use large amounts of computing power for malicious purposes that range from cracking an encryption key to the staging of a DDoS attack. Cloud Service providers should consider this threat while developing the incident response strategy and the acceptable use policy that SaaS users, PaaS developers, and IaaS administrators can use for risk reduction.

SHARED TECHNOLOGY VULNERABILITIES

By sharing the infrastructure, platforms and applications, the cloud service providers are able to deliver their service in a scalable way. If the cloud infrastructure components do not offer isolation properties for applications or infrastructures being used by various clients, the cloud provider is posed to a new type of threat and vulnerabilities that exist in the shared technology. A single vulnerability can result in the compromise of the complete client portfolio of the cloud service provider. The virtual machine monitor or hypervisor is a computer software particular to cloud infrastructures that operate virtual machines. If an attack remains successful on this component, it has potential to expose the whole environment.

LACK OF DUE DILIGENCE

Businesses that plan to align with cloud technologies should know all of the aspects of such a cloud change.Cloud providers commit rational efficiencies and cost cuttings but this has to be done with the thorough understanding of the services and applications that exist in the cloud, or else companies expose themselves to various risks. Security issues crop up when developers who are not acquainted with the cloud computing are working on a cloud application. Sufficient resources must be given to performing due-diligence to under to know the risks of adopting the new computing model.

https://allcloud.io/blog/cloud-security-awareness-starts-here/

Danish Wadhwa