There will be a cyber attack on a major cloud provider in 2017, including possibly ransomware that makes its way into a cloud-based data centre, predicts a major security vendor in its annual forecast of events that are likely to happen.
The two forecasts were made Wednesday by Check Point Software, which at the same time released a survey on cloud security issues of over 200 cybersecurity and IT professionals conducted in November.
Although an increasing number of organizations are shifting workloads to the cloud in various ways, the respondents still have qualms: 93 per cent of them said they are very or moderately concerned about cloud security.
Just over 80 per cent are very or moderately concerned about ransomware hijacking corporate data even if it’s in the cloud. And they believe the top three threats to cloud environments are unauthorized access, data leakage (including external sharing of data) and denial of service attacks.
Unlike other organizations, Check Point compressed its predictions into two big ones:
–There will be a cyber attack on a major cloud provider.
The impact could be sizable, Donald Meyer, head of the vendor’s product marketing, warned in a blog. Last year a five-hour outage at Amazon Web Services (AWS) affected a number of AWS services and customers. The issue, he said, was isolated to the “US-EAST-1 Region” and was caused by a problem with Amazon’s DynamoDB. A network disruption “briefly affected” DynamoDB’s ability to “communicate with its metadata services.” Once the network issue was resolved, the flood of requests from the storage servers trying to upload their metadata overwhelmed the capacity of the metadata service, resulting in the service needing to be shut down.
The net result of this event was that any service that utilized DynamoDB in that region was affected. “After a marathon six-hour battle, AWS was able to increase the capacity of the metadata service, thus restoring it and the corresponding storage services.”
AWS has just responded to recent reports of the Mirai botnet, composed of a huge number of Internet-of-Things devices, by releasing AWS Shield, a managed distributed denial of service (DDoS) protection service designed to minimize application disruptions and latency.
“The fact that AWS recognizes this as a significant threat should be a wakeup call to any organization using public cloud services that any cloud strategy should also include a robust disaster recovery and back-up strategy to minimize disruptions due to cloud outages,” said Meyer.
–Ransomware will find its way into a cloud-based data centre:
“As more organizations embrace the cloud, both public and private, these types of attacks will start finding their way into this new infrastructure through either encrypted files spreading cloud to cloud or by hackers using the cloud as a volume multiplier,” says Meyer.
IT may have antivirus installed on servers, he noted, but ransomware is now engineered to evade detection.
In terms of cloud defences, Meyer advises strong encryption for data in transit as well as at rest, diligent data back-ups, a well-defined DR plan and deploying advanced threat prevention.
“It is up to the organizations to put in place the correct safeguards to prevent unauthorized access and prevent the opportunity for attackers to infiltrate with malware and other advanced threats,” he added.