The use of cloud computing has grown to immense proportions in recent years. Many people have heralded the rise of the cloud as the next big step in IT evolution. We think that is probably an exaggeration but there is no denying the importance of the cloud. It gives people a way to transcend the limits of their physical disk space, RAM, etc. By making use of pooled online resources, better network performance is also possible.
In the same way that cryptocurrency miners contribute their computing resources to a shared pool, cloud users share the workload across all parts of the network. While cryptocurrency miners do this to make money, normal cloud users do it for faster speeds and more efficient performance. However, some serious security concerns have arisen from the widespread use of the cloud, making it more important than ever to address these concerns.
Why This Problem Is More Important Than Ever
Cloud security is immensely more important than ever before, and it all comes down to one simple reason. There are more people using the cloud than ever before. All of the IT metrics that we can find seem to indicate this fact and this trend has been on the rise for several years now. The Covid-19 problem fueled a particularly sharp rise in 2020, as you can see from this report.
Cloud-based video conferencing software was really the big winner here. Zoom alone saw a revenue increase of more than 300%, with similar platforms also seeing large gains. Cloud infrastructure services grew by 33% while cloud software services saw a jump of about 20%. Obviously, hackers can observe these trends just as easily as we can. For this reason, they seem to have recognized cloud networks as a soft target.
Are Clouds Hacked Often?
It might be an exaggeration to say that cloud networks are frequently hacked. However, this kind of thing does happen from time to time. If nothing else, that shows how it is still possible for most cloud networks to be hacked. Let’s look at a couple of examples to get a better idea of how often this works. We will limit ourselves to examples of cloud hacking that occurred no later than 2019.
Just one week ago (as of this writing), the University of Miami suffered a pretty significant cloud breach. It was related to a cloud-based file sharing service called Accellion. It seems that the cloud server hosted by Accellion was the victim of a ransomware attack. Basically, they locked the system and demanded a ransom for the password. That’s how ransomware attacks work, and their strong encryption makes it very hard to defeat them. Still, an efficient and automated backup system would probably have prevented this whole thing.
The Accellion hack turned into a really big deal, as other high-profile customers were affected. These included Shell gas, Kroger supermarkets, and even the offices of a Washington state auditor. The University of Miami was not very forthcoming with details (nor were most of the other victims) but all are said to be cooperating with law enforcement.
For a second example, let’s look at another incident that occurred only four days ago. Verkada, a maker of high-end security cameras, was the victim of a brazen cloud-jacking attack. By using a vulnerability in the cloud, hackers were able to take control of an administrator-level account within Verkada’s system. They said hackers obtained access through “hardcoded credentials.” This probably means that someone forgot to change their default password.
Footage from over 150,000 security cameras was stolen. We don’t have to tell you that such information could be very useful to criminals. And, once again, it was an improperly configured cloud account that caused the whole mess. High-profile victims of this incident included Tesla, Nissan, Equinox, and Cloudflare. More disturbingly, they stole a lot of footage from hospitals, jails, and public schools. This is a very serious incident because their choice of targets would seem to indicate their desire to carry out serious criminal activity, and not the online kind. We sincerely hope these individuals are caught before they can carry out any of their criminal plans.
The Cloud Is Not Fully Safe…At Present
When we started looking for recent examples of cloud hacking, we were surprised at how easy the research was. There are many other examples, though these two were chosen for their high-profile and high-impact nature. It didn’t take very long to find our two good examples and both of them happened within the last week. This indicates that cloud hacking is a serious and pervasive problem.
Virtually all cybersecurity experts will tell you not to store super-sensitive data in the cloud. Some will say it’s okay, but even they will admit to the flaws that exist (with this article being a good example). Even if you and your cloud provider take all possible precautions, an attacker might be able to gain entry by exploiting a less-vigilant user. Human error is always the biggest security risk, as people can often be tricked into giving away their network credentials.
Thankfully, we do see a trend towards more secure cloud-based solutions. The cybersecurity field has recognized the scope of this problem. Therefore, we can assume that some of the biggest brains in the field will be working on ways to make the cloud more secure.
You should, of course, take every possible precaution to make your cloud network as safe as possible. Don’t shy away from that task simply because there will always be flaws. It is still well worth the time and effort to enable high-security settings and implement high-security policies. Just remember to store your most sensitive data on an offline external device. Of course, a managed IT plan is one of the best options for those who are not well-versed in such things. If you need that kind of help, you will probably find yourself asking: “Who are the best managed IT providers near me?” In response, we would urge you to call PCH Technologies at (856) 754-7500.