Microsoft's New Cloud Storage Threat Matrix & What You Need to Know about Cloud Storage Security
Microsoft recently updated their cloud storage threat matrix, containing new methods of attacks and targets. Everyone using cloud storage for business or other purposes should be aware of this, as it offers insight into how attacks are executed and the intricate processes they employ to bypass various security features.
New Processes, Same Goal
Even with the new matrix, the ultimate goal of attacks remains the same - an attack is used to either destroy data, manipulate the stored data, or encrypt it as ransomware. While not mutually exclusive, each of these attacks can easily disrupt a website or a business that relies on cloud storage. These attacks are possible without the appropriate cloud storage security measures.
Scouring the Website for Potential Leaks
Attacks on cloud storage often commence with research - finding storage accounts and public databases that are typically the targets for potential exploitation. It may take some time to identify the perfect database to exploit, but they often result in significant attacks.
The new threat matrix reveals an entirely new method of targeting - websites with access to their cloud storage. Websites have evolved significantly over the years, and the need for vast amounts of data has become the standard. To effectively integrate data into their websites, a link to cloud storage can provide a solution.
This is where the problem arises - a website that does not implement improved security for its cloud storage data can expose itself to attacks. Attackers are now scrutinizing websites with direct links to their cloud storage, and this initial step could lead to website vulnerability.
Taking Full Advantage of SFTP and Code Injection
With a potential target, attacks on cloud storage can now move to gain access, and SFTP (Secure File Transfer Protocol) could be employed for unauthorized access. If an attacker obtains SFTP credentials, they can fully exploit cloud storage, not only by accessing unauthorized files but also by uploading information to the cloud itself. This can eventually circumvent scrutiny from cloud storage security by creating a brand new SFTP account - an account that cannot be flagged, as it adheres to protocol.
Attackers could avoid being flagged as security threats altogether by making key changes to the security configuration itself. From altering configurations on firewalls in virtual networks to disabling load protection on cloud storage, attackers could employ various methods to ensure that they can manipulate the storage without any consequences.
One of the new methods to ensure control of attacked cloud storage is through code injection. Injecting malware and triggering user interactions used to be the norm for cloud storage attacks. As cloud storage continues to advance with features, code injection is now a possibility and is used to gain more control over cloud storage.
Securing Cloud Storage
With the increased threat to cloud storage, what can businesses or individuals do to ensure the security of their cloud?
Fortunately, the simplest answer to this problem is often the most effective: choosing a reputable cloud storage provider. Google's Cloud Storage and Amazon's Web Services are two of the largest cloud storage providers in the world today for good reason. These companies are fully aware of their capabilities and vulnerabilities, and they continually seek ways to secure their customers' data. This doesn't mean that smaller cloud services may not be up to the task of securing their customers' data, but it's important to select a service that thoroughly understands the challenges of cloud security and has a plan to prevent any type of attack.
Posted on
