A significant percentage of IT systems are cloud-based, according to a CompTIA survey of 502 U.S. companies.

The cloud is a key enabler for emerging technology, suggests the survey, which was conducted last month.

Cloud computing was one of four trends that respondents expected to feature heavily in IT conversations over the next 12 to 18 months, CompTIA found. The others were artificial intelligence, the Internet of Things and cybersecurity.

In addition to improving CapEx and OpEx, the cloud offers better security, proponents have argued.

"The state of public cloud security is quite mature," said Don Meyer, head of product marketing, data center, at Check Point.

However, a number of factors have made security in the cloud problematic:

Failure of companies that use the cloud to take appropriate precautions;
The rise of cryptojacking: the use of malware to take over victims' computers and use them to mine cryptocurrencies; and
Processor vulnerabilities.

The lack of API and user access security, combined with ineffective visibility and monitoring of user activity, makes organizations vulnerable, according to RedLock.

For example, a recent survey revealed that 73 percent of organizations allowed root user accounts to be used to perform activities, contrary to security best practices, and 16 percent had potentially compromised user accounts.

In the past, hackers were primarily interested in data theft, but now they also hijack computing resources to mine cryptocurrencies. In research published last fall, RedLock found that 8 percent of organizations were affected by this type of hijacking.

Problems created by the user
The challenges for cloud security "come from a false sense of security and/or confusion with respect to the shared responsibility model," Meyer, of Check Point, told the E-Commerce Times. "Companies must understand the model and their role in the model to ensure that adequate security measures are implemented to keep their environment safe."

Misconfigurations are the cause of "many security problems that arise," said Dave Lewis, global security advocate at Akamai.

Amazon Web Services S3 buckets are "a perfect example of this misconfiguration problem," he told the E-Commerce Times. By default, these buckets are not publicly accessible, but "clients often set them to allow access."

In addition, the level of security knowledge among the cloud architecture and DevOps disciplines is "quite limited," while solid knowledge of the cloud, automation and DevOps processes "are lacking among the security disciplines of the network," Meyer said. More education is needed on both sides.

The rise of Cryptomining
According to a recent Akamai Internet security report, growing adoption of cryptocurrency has led to a sharp increase in the number of cryptomining malware strains and in the number of devices infected with them.

The rise in cryptojacking "is not a surprise if you understand the seven habits of highly effective criminals," joked Barry Greene, principal architect at Akamai. "Principle 2, 'do not work too much,' and Principle 3, 'follow the money,' both [indicate] that the malware and botnet operators will switch to cryptojacking."

Twenty-five percent of the organizations that participated in a RedLock survey earlier this year had found cryptojacking activity within their cloud environment.

XMRig, cryptomining malware that runs on the endpoint device rather than in the web browser, appeared on Check Point's "Most Wanted" list of malware in March. XMRig can mine the Monero cryptocurrency without needing an active browser session on the device.

"We have seen the attackers use more sophisticated evasion techniques," said Varun Bhadwar, CEO of RedLock.

For example, hackers who gained access to Tesla's cloud earlier this year installed their own mining pool software and configured the malicious script to connect to an unlisted or semi-public endpoint, Bhadwar told the E-Commerce Times. "This makes it difficult for standard IP or domain-based threat intelligence feeds to detect malicious activity."

Tesla cloud hackers also used the following tactics:

They hid the real IP address of the mining pool server behind CloudFlare, a free content delivery network service;
They configured their mining software to listen on a non-standard port; and
They kept CPU usage low.

Spectre Haunts Intel Processors
According to the German computer magazine c't, eight new variants of the Spectre vulnerability, grouped as "Spectre-NG," came to light earlier this month. They target Intel CPUs.

Intel designated four of them as high risk.

"There is no real resource or respite" because the root cause, the poor isolation of security between processes in virtual machines, "remains unresolved," said Satya Gupta, CTO of Virsec.

One of the variants can be used to steal data from the cache of the speculative execution engine of virtual machines, he told the E-Commerce Times.

That would allow one customer's confidential data on a particular bare-metal server used by a cloud computing provider such as Amazon to be accessed by another customer whose virtual machines were deployed on the same server, Gupta explained. "This will obviously impact more on cloud computing providers."

Possible solutions
Users of cloud services must adopt a holistic approach to security, advised Bhadwar of RedLock, using "a combination of configuration and monitoring of user activity, network traffic and host vulnerabilities."

They should also invest in cloud-native security tools, he recommended.

Companies should adopt a more automated and integrated approach to instill robust security into DevOps processes and workflows "to keep security people in check without forcing DevOps people to break their models," said Meyer of Check Point.

"There is always something else to do," observed Greene of Akamai. "If you comply with all common security best practices, you cannot stop. Ask your cloud service provider what the next step is for your security architecture. If you are still doing the basics, consider other options."