The new year is rolling along, and its challenges are taking shape. Among them are some threats that companies will have to deal with. Some of them are economic, others are cyber, and, considering how many companies are now using the cloud, some are cloud-specific threats that companies will have to face in 2023.
According to Gartner, 95% of new digital workloads will be deployed on cloud-native platforms by 2025. This signals a constant and growing reliance on the cloud, which is great for the service providers, but it also brings new and important challenges for security. Greater use of the cloud draws the attention of hackers and motivates them to invest more time, effort, and money in their tactics.
The challenge is especially complicated for enterprises. “The average enterprise today uses close to 2,000 different cloud services. As a result, cloud footprints are exploding alongside the sheer volume of data stored in the cloud. Cloud assets are also easily deployed outside of an organization’s security policies, which creates misconfiguration risks. IT and security teams may not know that these assets exist,” says Dan Benjamin, CEO of Dig Security, to Dark Reading.
All of this requires new approaches towards old challenges. As always, there’s not one universal solution. Instead, companies have to learn to constantly monitor threats and adapt to them on a continual basis. With that said, some risks will be more common than others. Here’s what we can expect to face in the cloud world regarding threats in 2023.
The good old VPN
What? Weren’t VPNs supposed to be among the best ways to secure your connection? Technically yes. But that was before the pandemic, when VPN usage wasn’t that widespread. These services aren’t optimized for the massive amounts of traffic that come with the combination of a lot of remote workers, the increased number of cloud services and the constantly rising amount of data that must be transferred.
Currently, most VPN setups struggle to handle the amount of traffic that comes with the increased numbers mentioned above. The first issue is that this can slow down the traffic and thus offset the productivity gains the cloud should bring.
Also, VPNs aren’t unbreakable. They have their own set of risks. The more connected the users are, the more opportunities hackers have to compromise one connection and get access to the company network. The good news is that most organizations know the risks around VPNs. However, this doesn’t mean solutions are easy or readily available for each particular case. This is a challenge which will require a bit of extra effort in order to find the best approach for each specific case.
Don’t forget the devices
This is a second risk which can be closely tied with the previous one. Even if you have a very well secured VPN, that might not mean much if the device of the user is already compromised. That’s why some financial institutions have adopted a stricter policy by giving their remote workers company laptops which are only to be used for work and are set up by the organization’s admins. It’s probably the most secure approach, but it’s also the most expensive and complicated. So, it’s not something that most companies can do or afford.
Another wrong assumption is that since the device is managed by the organization, there are no problems with it, VentureBeat notes. That may be true initially, but there’s no guarantee it will remain so all the time. At the very least, the user could fall victim to a phishing scheme. This is why regular authentication of both the user and the device is recommended.
The cloud today is not just a place to store data or run a few apps. It’s a massive platform where a lot of third-party apps and code run all the time, and this creates a lot of additional risks. Often, it’s not feasible or possible to check all code before allowing it within the cloud environment.
In most cases organizations have to rely on blind trust that the third-party app has decent security and code. But in the big picture, this is simply yet another point of entry for hackers. “If we’re using a third party that is legitimate and we connect it to our application because it’s a service we’re using, and that service gets exploited, it might not get detected as abnormal or malicious activity because the vulnerability lives outside our own security perimeter,” Shira Shamban, CEO and co-founder of Solvo, says to Dark Reading.
The way to at least somewhat mitigate this risk is to carry out additional security checks. At the very least make sure the app developer provides regular and timely updates. In the eyes of the customer, a breach is a breach, and it won’t matter who is to blame. So, you have to work closely with third-party software developers to ensure security levels are good.
Ransomware gets cloudy
We are used to treating ransomware as a risk to our internal networks, but now hackers are starting to craft ransomware specifically for cloud setups. “As more enterprises continue to move their infrastructure, applications, workloads, and data to the cloud, they must prioritize protecting their businesses against ransomware. These crown jewels of a modern enterprise are equally valuable to cybercriminals,” Dig Security notes.
Ransomware has increasingly become one of the preferred vectors for hackers. Data shows that every year, ransomware attacks increase in both total number and requested payments. The popularity of the cloud brings more opportunities for the hackers. And it doesn’t matter which cloud service provider you use; hackers aren’t afraid of the biggest names. In fact, they are developing specific attacks for cloud platforms. Some of them are targeting services which sync data with the cloud, while others are focusing on phishing schemes to lure in workers. The main way to mitigate this risk is by increasing employee awareness and improving employees’ skills at spotting and handling possible phishing attacks and/or malware hidden in attached files, dubious links or social media posts. Another way to protect yourself from malicious attacks is to use Neterra.Cloud’s backup service, which has a built-in crypto virus protection service.
Artificial intelligence is not only for the good
Artificial intelligence (AI) is currently a hot topic in the IT world. Chatbots like ChatGPT are very popular and have inspired companies of all sizes and industries to explore ways to use AI in their business. Of course, hackers are doing that, too. In fact, they could use legitimate AI services and simply instruct them to help write specific code, to explore and analyze different opportunities or ideas, etc.
Hackers are also working to automate a lot of their attacks, and AI can be a great tool for that. “We know that AI models can be corrupted,” OpenSSF General Manager Brian Behlendorf says to siliconAngle. Tools like ChatGPT are becoming very popular even for code generation, and as they are freely available, hackers could use them to generate exploitable code and then propagate it online, or they could even create their own AI models to use for various attacks.
Also, AI is still not all that good with code, but a lot of companies are relying on it, siliconAngle notes. For example, a study by researchers at New York University found that 40% of the code generated by Copilot, an AI programming tool, is vulnerable. This means companies will have to be very careful when they use AI to generate code faster, and will have to spend enough time and effort going through the code to make sure they find and fix any and all vulnerabilities. Of course, catching every one isn’t realistic, and vulnerabilities will always manage to get through even the strictest of processes.
Those pesky humans
A top threat to the cloud in 2023 will be a very familiar one – ourselves. Human error continues to be among the top reasons for breaches. And there are multiple different types of human error. Some of them can be deliberate, for example, knowing that something is wrong or misconfigured, but not doing anything about it. It could be because of a wrong assessment of the severity of the issue or putting it off for later. Or simply an “it’s not my job” mindset.
Most human errors though are not even realized until it’s too late. It’s exactly that – forgetting to configure something properly or lacking the knowledge to even look at a certain setting. Unfortunately, hackers are very well aware of these scenarios. This is why they are actively looking to exploit such misconfigurations in cloud services, Dig Security notes. It’s an issue that has plagued even the big brand names like Microsoft and Amazon. Both of them found misconfigurations that caused data leaks from their cloud platforms.
This goes to show that even if you have the best possible security defense out there, it can be rendered completely useless by a single wrong click. As a result, proper employee training can be critical to minimize this risk. Of course, there’s no sure way to guarantee that no one will ever make a mistake. This is why a multi-layered process of checking and rechecking configurations is critical. Organizations should look for ways to make sure they have reduced chances of human error as much as they can. The solutions can and will vary a lot depending on each configuration, service, workloads, etc.
Time to go threat hunting
Another common issue is that many organizations, especially small and medium ones, don’t really look for vulnerabilities or issues with their cloud setups or any other digital asset. They simply assume that everything is configured and as safe as it can be and leave the rest to chance. This is a sure way to miss out on sometimes massive security gaps.
Instead, active threat hunting should be part of the regular process, Security Boulevard notes. There are multiple approaches to that. One of them is finding the gaps. They can be very different. For example, overlooking or forgetting to secure IoT devices connected to the internal network, or the aforementioned misconfigurations.
The second approach is to better motivate collaboration between teams within the company. They should communicate more – not only about what they need – but about the issues they discover, their ideas on how to fix them, etc. Closer collaboration will be a great way to increase efficiency and productivity, as long as there are decent processes in place and it’s not a classic slow corporate structure.