On the Tenth Day of Christmas, the Industry Predicted…Cloud Vendor Compromise

As the penultimate working week before the Christmas break draws to a close, there are now just nine sleeps before the big day. However, before we all head off to make the most of the last real shopping opportunity this weekend there’s just enough time to continue our series of predictions for 2017, with thoughts now turning to the likelihood of a cloud vendor compromise next year.

This is something that Anomali senior threat researcher Aaron Shelmire expects to hit the headlines in a big way in 2017, predicting that a major cloud vendor will be in the news for suffering a significant security breach.

He argued that, thus far, none of the large cloud storage/infrastructure companies have detailed a breach since the Aurora attacks that Google did in 2009. This is in an environment where as many as 89% of healthcare organizations experienced a data breach in 2015, yet we aren’t hearing much about them from the companies that host these industries data and systems.

“People and businesses are relying upon cloud services more than ever,” he told Infosecurity. “Cloud services are more convenient and often cheaper than alternatives. As people increase their dependence upon cloud services, the goals of malicious actors will follow the data and computing resources to the cloud.”

This is an opinion shared by Alex Cruz-Farmer, VP of cloud at NSFOCUS, who added that some of the giants in the cloud industry are in a full scale war with bad actors and hackers.

“If we look at the market today, there were several significant breaches this year and, unfortunately, I expect the trend to continue,” he argued. “Threat intelligence and technology as a whole is catching up, however we are repeatedly seeing some vendors following bad practices, which is leading to some of these breaches or attacks (for example Mirai and TR069).

“Hackers are becoming smarter, and the systems and clouds companies are deploying are getting bigger,” he continued. “What does bigger result in? More man power or more automation? More automation results in less human interaction, so one malfunction of any of these automated tools could be a goldmine for an attacker.”

For example, he said, if there were to be a small security hole found in one system, a lot of platform architects using similar methods for their designs may find that hackers could reverse engineer these methodologies, making it very straightforward to go deeper.

There may be some light at the end of the tunnel though, according to Shelmire, who thinks serious breaches could be the wake up call cloud vendors need to start implementing better security in their services.

“After this [breaches] cloud vendors will engage in technical advances to better protect their systems. The cloud vendors will also engage marketing to use their security and survivability as differentiators.”

The landscape is getting more and more aggressive, concluded Cruz-Farmer, and threat intelligence teams are our real line of defense, infiltrating the networks and groups out there committing these acts.

>> On the First Day of Christmas, the Industry Predicted...More Ransomware

>> On the Second Day of Christmas, the Industry Predicted…Poor Routine IT Practices

>> On the Third Day of Christmas, the Industry Predicted…More Political Disruption

>> On the Fourth Day of Christmas, the Industry Predicted…CIOs to Reclaim Ownership of Data Initiatives

>> On the Fifth Day of Christmas, the Industry Predicted…More Social Media Attacks

>> On the Seventh Day of Christmas, the Industry Predicted…More Mention of AI

>> On the Eighth Day of Christmas, the Industry Predicted…Attackers Making Money

>> On the Ninth Day of Christmas, the Industry Predicted…GDPR Compliance

>>On the 11th Day of Christmas, the Industry Predicted…Better Security Collaboration

What’s Hot on Infosecurity Magazine?