The Rise of Profit-Focused Cybercrime on the Cloud
Cybercrime is a growing challenge for business and society, but it is still associated with shady hackers motivated by curiosity or financial gain. In reality, profit-focused cybercrime has emerged as a major problem for global businesses.
It is encouraging to think that the cloud may make us safer. But, it can be just as vulnerable if we do not protect it properly.
As cybercriminals look for ways to outsmart IT, they set their sights on cloud services that are still vulnerable to attack. What is making it so much easier now is the whole movement toward cloud computing—a motion that has led many businesses to hire firms that don’t specialize in that sort of security.
Cybercriminals are already exploiting this new security arrangement between cloud networks and organizations to commit fraud, steal sensitive financial data, or even launch ransomware attacks on local businesses.
In fact, there is a growing list of breaches like lost personally identifiable information (PII) and stolen credit card or banking information linked directly to cloud service providers (CSPs).
Why is Cybercrime a Growing Concern?
Researchers of Trend Micro found that popular providers like Amazon, Facebook, Google, Twitter, PayPal at some point or the other have faced the repercussions of data theft where terabytes of internal business data were up for sale on the dark web.
Cybercriminals usually sneak such data from the cloud logs where it is stored and sell them wherever profitable. The time it takes for these guys to perpetrate fraud and monetize profits has decreased from weeks to a few days or just hours.
Trend Micro further predicts that cybercrime will get even bigger; some even say it’s just beginning.
Cybercrime has reached epic proportions. According to the Kaspersky Lab, a single instance of ransomware demand (in which an attacker encrypts a computer or network and does not let go until a ransom is paid) can cost a business more than $713,000. Other associated costs can push the amount much higher. They generally include the cost of:
- Paying the ransom
- Cleaning up
- Restoring a backup
- Improving infrastructure
- Ensuring the network is functioning
- Repairing damage
Remember the ExPetya cyberattack that hit more than 12,000 machines in over 65 countries? Think of the downright profits criminals must have made!
Narrowing Down the Biggest Cloud Problem: Attack Vectors
Clearly, companies aren’t prepared for cyber threats, and they need to do something quickly. You need to understand exactly where your system could be at risk, and once you figure it out, you should know what you can do about it.
Multiple options to configure
Cloud computing offers many unique opportunities to deliver value to users, but it also requires an unusually high level of user competence. Different configuration mechanisms provide different levels of confidence, but they all rely on the decisions enterprises make.
When speaking of configuration, the devil is in the details. That is to say, from a few simple choices about things like storage and networking; a developer can see many problems caused by incompatibilities or invalid assumptions. Think of it like programming; it is easy to make mistakes that are almost impossible to recover from.
Attacks like Denial-of-Service (DoS)
Cybercriminals and “hacktivists” use cloud platforms for distributed denial of service attacks because they are very effective. The symmetrical nature of the cloud plays right into the hands of cybercriminals. They can rent their own botnet by using cloud computing services.
These criminals create viruses that turn the victim’s computer into part of a “botnet,” which is then rented for activities like attacking websites or sending spam. Botnets are also now available on-demand via underground forums. It means they can stop paying when they stop needing.
Lack of consistent scanning
One of the major downsides to cloud adoption at large is that it is difficult for a company to detect and orchestrate security around the new applications when they are introduced into their environment.
Since different departments are spinning up cloud applications, it is exhausting for a central management team to control what’s happening unless they have a unified line of communication. Businesses should regularly scan to ensure all data is encrypted and there isn’t any server that is accessible back doors.
Insecure interfaces and APIs
An insecure user interface (UI) or application program interface (API) is like an open door invitation for cyber attacks. Enterprises should prioritize security investments to build safe systems right from the start rather than bolted on later.
Whether it is a public cloud or a private cloud, your cyber security team must make efforts to maintain the flow of information sensibly and securely. These include parameters such as inventory management, testing, auditing, and abnormal activity protection. Businesses should also protect their API keys and avoid overusing them. In addition, they can also leverage open API frameworks like Open Cloud Computing.
Not adhering to policies
Security policies play a key role in making sure that cloud data remains reliable in a business. IT organizations must put in place a process for enforcing policies before being used to protect critical data.
It may often happen that the security team will want someone from the business to inform them about their next move. However, given that most organizations have a bunch of different account owners, it isn’t clear who to ask. On the other hand, the DevOps team may not want to do manual configuration or implementation. Besides, to pull up APIs, you must be logged in to your account.
Without the right policies and tools to monitor, track, and manage their applications and API usage, businesses cannot take full advantage of cloud benefits or protect themselves from risks like data leakage or compliance violations.
Cybercriminals to Make an Annual Profit of $10.5 Trillion by 2025
People often think of cybercrime in terms of the losses it causes, but what about its profits?
The cybercrime industry is a multi-billion-dollar business. And it’s only growing. Criminal hackers are shifting their focus from opportunistic, low-level attacks to big, high-value targets like governments and large corporations.
According to Cybersecurity Ventures, the damage is estimated to reach $6 trillion USD by 2021. If cybercrime were a country, it would be the third-largest economy in the world after the U.S. and China.
Cybercrime is inherently different from a traditional crime. These cybercriminals operate in groups or even organize themselves into syndicates, sharing information about the operation of their schemes to increase efficiency and reduce the chance of being caught.
The cybercrime economy is a dynamic market filled with disruptive start-ups. Cybercriminals are taking business models more seriously. They’re not “sewing” together spreadsheets of stolen credit cards. They’re building platforms that can compete with the legitimate economy. There’s more to the threat than you think.
Breaking Up the Trillion-Dollar Cybercrime Market
Even though cloud computing is transforming the way businesses operate, the risks are bigger than what you will be compensated for. The responsibility, therefore, lies on both cloud users and providers.
Some tips on how to become resilient and prevent the top threats in cloud computing are:
1. Secure APIs and restrict access
APIs are at the heart of cloud computing, so any developer worth their salt should know how to build them securely. This might mean restricting access across different networks or developing the API only at the edge of your infrastructure before letting it call other applications.
2. Ensure endpoint protection
Endpoint protection is similar to burglar alarms. Burglar alarms protect homes when they’re unoccupied because burglars can easily break in when no one’s there.
Similarly, endpoint security protects corporate networks that are remotely bridged to a host of business-critical devices. For example, mobile employees, employees who use laptops and tablets on the road, and customers who connect to corporate Wi-Fi.
3. Encryption is key
Cloud encryption allows you to create secret texts or ciphers that are stored on a cloud. Your business data is invaluable, which is why it is important to protect your information before it gets onto the cloud. Once encrypted at the edge, even if your data is stored with a third-party provider, all data-related requests will need to involve the owner.
This way, you maintain complete control over all your customers’ information and ensure it remains confidential and secure.
4. Use strong authentication
Weak password management is one of the most common ways to hack a cloud computing system. Thus, developers should implement stronger methods of authentication and strengthen identity management.
For example, you can establish multi-factor authentication where the user needs to produce a one-time password or use biometrics and hardware token to verify their identity at various touchpoints in the user journey.
5. Implement access management
Enable role-based access to control the scope of a user’s permissions. You can also restrict a user’s capabilities by assigning only the permissions that the user is allowed to have. This way you can ensure that your users can have their work environments exactly as you wish to set up for them.
6. Backup your data
With the increasing need for data security, organizations of all sizes are turning to data centers for backup services. Modern cloud data centers offer the whole package—unmatched protection, scalability, performance, and uptime.
Every company needs a business continuity plan to ensure that their systems are safe, even if the worse happens to them. When you have a secure data center environment to back up your data, you can keep your business up and running even in the event of a ransomware attack.
7. Educate your team
Your employees are your biggest security risk element. Therefore, make security training mandatory for anyone who works in your company. When employees are active participants in protecting assets, they’re fully aware of their responsibilities when it comes to protecting data.
You can also create an internal guidebook for your employees so they know the best course of action in case of identity theft. Another option is to create an actual response protocol. This way, if your employees ever feel they have been compromised, they will always be prepared.
The Bottom Line
Anonymity is a powerful tool, and the cloud has made it easier for cybercriminals to preserve anonymity by scattering networks over different servers.
The need for cyber security is greater than ever. Cybercrime is on the rise, and it has become more sophisticated and lucrative than ever before. In addition, as companies continue to migrate their operations to the cloud, criminals increasingly view the cloud as an attractive target for profit-making criminal and espionage operations. It’s time to fight back!
Originally published at ReadWrite
Deepak Gupta