Page 149 - Cyber Defense eMagazine September 2022
P. 149
trustworthiness and accountability. Moreover, misconfigured cloud systems must be fixed on priority.
Regular analysis for providing authorization and validation to certain personnel should be conducted.
This will prevent data and financial losses. Moreover, it will maintain the credibility among your customers
for keeping their data and information safe from potential threats.
• Ensuring proper security of APIs
Application programming interfaces (APIs) allow two applications to connect, interact, and transmit data.
These APIs provide an access of software platforms to third parties. Owing to weak authentication at the
gateways of these APIs, the sensitive data may become vulnerable to hackers. Many hackers are always
focused on exploiting APIs and steal the user data. In June 2021, LinkedIn reported that its APIs were
utilized to steal the data of nearly 500 million users. The data was put on dark web for sale. For prevention
of such leaks, cloud security providers must ensure that there is an integrated security. Moreover, there
must be proper management, monitoring, and security of “front door” of the cloud. There should be
avoidance of reuse of API key along with the usage of standard and open API frameworks. The utility
programs that override the network, systems, and applications must be restricted. The access to APIs
must be segregated and the access to specific users needs to be provided for preventing data tampering
and disclosure.
• Awareness and prevention of denial-of-service attacks
Though scalability is one of the crucial benefits of the cloud, it may become a liability if the cloud system
is overloaded and stops its operation. This may become one of the crucial cloud security risks. Many
hackers are not trying to gain access to the system, but trying to stop the working of the system. This will
frustrate users as they will not be able to utilize the system. This type of attack is known as denial-of-
service attack (DoS) and it disrupts the workflow. Sony's online PlayStation store was attacked in a similar
manner in 2014. The brute force attack was utilized in this hack attempt and the online store was down
for nearly a day. Many organizations that have their workloads on the cloud will be attacked in the same
way to stop their daily operations.
Such DoS attacks can be prevented in various ways including updating intrusion detection systems,
blocking IP addresses, and firewall traffic inspection. The system must be able to determine anomalies
when users try to access the system and early warning needs to be provided. On the basis of anomalies
in credentials and behavioral aspects, the system can provide early alarm to ensure cloud security.
Moreover, the suspicious IP addresses should be blocked. Security teams can also inspect the incoming
traffic. The source and destination of incoming traffic can be inspected and firewall can be placed by
differentiating the good and bad traffic.
Such security measures can be taken to prevent the cloud systems from hackers and cyber-criminals.
The cloud adoption will surely increase in the next years and the need to deploy stringent security
measures to prevent different types of attacks will rise consequently. With increased awareness,
Cyber Defense eMagazine – September 2022 Edition 149
Copyright © 2022, Cyber Defense Magazine. All rights reserved worldwide.