CSA’s Top Cloud Security Risks: Part 3

As we continue our coverage of the Cloud Security Alliance’s Notorious 9 Cloud Security threats; Part three is our final installment in this series and it will consist of a deeper dive on the final two threats listed in this report. These two components of cloud security are vendor neutral and the vulnerabilities discussed can occur in any environment. Educate yourself on the following cloud security topics in order to fend off malicious intruders.

Not Doing Your Homework

The actual whitepaper published by the CSA says “Due Diligence.” This simply means that when you introduce a cloud into your environment, you must have staff on hand that is security minded when operating the cloud. When businesses use public cloud services, those who have not done their due diligence may not know that certain exploits or vulnerabilities exist due to the lack of staffing or training. For example, a hack-a-thon was held several months ago where a computer science student hacked into a virtual machine on Amazon AWS in about 4 hours. The student exploited a software package that was preinstalled by means of the image used for the virtual machine, and the exploit resulted in the student being able to gain access to the box. An organization that does not do their due diligence could be setting itself up for the same type of attack by not thoroughly checking their system images before deploying them into the cloud.

Shared Technology Threats

The most important threat that cloud architects should be aware of is the shared technology vulnerability. These types of attacks are often targeted towards the hypervisor that manages the virtual machines in your cloud. The shared technology attack can also happen when a component or a piece of software that controls the virtual layers of a cloud becomes compromised. Shared technology threats are the most serious of all cloud security threats. This is because of the vulnerability that can be exposed is all of the data on a particular node. Depending on the specs of your bare metal hardware, this could potentially open up terabytes of data for an intruder to sift through. The end result of these types of attacks could be catastrophic depending on the type of data hosted inside of the cloud. Hypervisor attacks often result in a data leak which is another topic that we have previously covered in this series. Shared technology attacks are on the rise because many systems administrators will skip updates which could result in vulnerable systems. The rise in these types of attacks only further advocates the idea that users should be encrypting any and all data that they store in the cloud.