In the cloud, security risks can come from all angles, especially when you’re relying on AWS to get your cloud computing business up and running.
These risks are known as vulnerabilities, and each year,
a list of them gets published by the Open Web Application Security Project (OWASP).
If you rely on AWS,
it’s important to be aware of these vulnerabilities so that you can take steps to protect yourself against them.
In this article, we go over the top seven security issues associated with AWS to help you identify and avoid them in your own business.
1) DoS Attacks
Denial of Service (DoS) attacks are one of cloud computing’s most common issues,
simply because their perpetrators can be so hard to track down.
At their simplest, DoS attacks attempt to prevent legitimate traffic from reaching its destination by overloading a host or network with illegitimate requests.
This causes servers and routers to become overloaded until they crash.
The effects of these attacks range from inconvenient temporary downtime for web sites to service disruption and even data loss if databases are affected.
With cloud computing services especially vulnerable as resources become virtualized,
it’s important for IT professionals to know how (and why) DoS attacks work.
There are several different types of DoS attack that use different methods to reach their goal; here are some of the most common.
2) Data Theft
Of all of Amazon’s cloud services, it’s S3 that is most vulnerable to data theft.
If a hacker gains access to your credentials, they can steal your data and then sell it or use it for malicious purposes.
Be sure you enable multi-factor authentication, rotate your access keys regularly,
and restrict their use to only those users with a high level of trust.
With proper security measures in place,
Amazon guarantees that in such cases where unauthorized access has occurred, you will not be held liable.
However, we strongly recommend that you read up on their recommended best practices before going live.
Once potential victims have been identified,
hackers send out phishing emails that are crafted in such a way as to appear legitimate, such as invoice alerts from Viber and notifications from YouTube.
Once click fraud occurs, fake accounts under control of hackers increase subscriptions and change passwords so these pages will open bank accounts under their name.
Ultimately, these fraudulent account holders drain bank accounts dry by carrying out Ponzi schemes through wire transfers.
This allows them to purchase goods online using stolen credit cards while remaining anonymous so law enforcement agencies cannot track them down easily.
3) Unauthorized Access
Whether it’s through physical or virtual penetration, unauthorized access to your cloud environment is a big concern.
Make sure you have top-notch security with multi-factor authentication for all user accounts and encryption for data at rest and in transit.
Encryption is especially important if you’re dealing with sensitive data.
As a cloud provider, you should also encrypt any sensitive customer information before storing it on Amazon S3.
This will prevent unauthorized parties from accessing your data even if they do gain access to your account credentials.
Also make sure that access to your environments is limited only to authorized personnel. Implementing granular permission controls within AWS Identity and Access Management
(IAM) can help ensure that there are no unapproved users logging into your environments.
The key here is not just using IAM but making sure you understand how IAM works so that you know exactly what permissions each of your users has.
To make things easier, many third-party tools can automatically provision IAM users based on their role within an organization. For example,
administrators get full permissions while engineers only get read/write access to specific resources, which makes managing permissions easier for organizations of all sizes.
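To see exactly what a policy grants, you can scan its statements for wildcard grants. The sketch below is an added example, not from the original article; both policies are constructed, and the bucket name `example-app-data` is a placeholder.

```python
import json

# Constructed policies: the first mirrors "administrators get full permissions",
# the second "read/write access to specific resources" plus one statement
# that is wider than the role needs.
ADMIN_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": {"Effect": "Allow", "Action": "*", "Resource": "*"},
})
ENGINEER_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "ReadWriteOneBucket", "Effect": "Allow",
         "Action": ["s3:GetObject", "s3:PutObject"],
         "Resource": "arn:aws:s3:::example-app-data/*"},
        {"Sid": "TooBroad", "Effect": "Allow",
         "Action": ["s3:*", "iam:PassRole"], "Resource": "*"},
    ],
})


def _as_list(value):
    """IAM accepts a single string or object wherever a list is valid."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def broad_grants(policy_json):
    """Return (sid, reason) for each Allow statement that uses wildcards."""
    findings = []
    statements = _as_list(json.loads(policy_json).get("Statement"))
    for i, stmt in enumerate(statements):
        if stmt.get("Effect") != "Allow":
            continue
        sid = stmt.get("Sid", f"statement[{i}]")
        actions = _as_list(stmt.get("Action"))
        resources = _as_list(stmt.get("Resource"))
        if "NotAction" in stmt:
            findings.append((sid, "Allow with NotAction grants everything not listed"))
        wild = [a for a in actions if a == "*" or a.endswith(":*")]
        if wild:
            findings.append((sid, "wildcard action " + ", ".join(wild)))
        if "*" in resources and actions:
            findings.append((sid, "applies to every resource"))
    return findings
```

Some actions only accept `"Resource": "*"`, so treat that finding as a prompt for review, not proof of a mistake.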
4) Accidental Changes
The most common cloud security issue, accidental changes, occurs when administrators change configurations by mistake.
According to a recent survey of CIOs from Synergy Research Group, 18% said they had accidentally changed an important server setting.
The lesson here is simple: limit who has access to your cloud services and make sure any sensitive information about user accounts and settings is backed up regularly on paper or in a different digital location.
It’s best not to rely on just one backup copy and definitely don’t forget to document which file stores what data, just in case you need it later.
Another option is using a control panel like CoreOS ManageIQ that can alert you if someone is tampering with your server configuration files.
5) Inadequate Monitoring
While SSL can protect you from eavesdroppers, it won’t stop a man-in-the-middle attack.
In these attacks, which can be difficult to detect and are made possible because of misconfigurations and weak passwords,
hackers gain access to your network through an insecure router or other unprotected connection.
Once there, they can do everything from stealing user credentials to siphoning off data that passes through your system.
To prevent man-in-the-middle attacks, administrators should ensure that their internal networks are secure and
that all remote users use two-factor authentication when accessing critical systems like virtual servers.
6) Weak Keys, Poor Cipher Suites, Insufficient Transport Layer Protection
A man-in-the-middle attack (or MITM) is where an attacker intercepts information being sent between two computers.
That means he can see all of your traffic, so it’s very important that you protect yourself against these attacks when using public WiFi networks,
such as those at coffee shops or hotels.
To do so, use a VPN service that encrypts your data. If a hacker tries to intercept any of your web traffic through a MITM attack, they’ll just see gibberish.
7) Man-in-the-Middle Attacks
As with any cloud service, you run a risk of man-in-the-middle attacks and server impersonation.
In other words, a hacker could create their own certificate for your server and intercept all your data in transit.
To avoid these kinds of attacks, use TLS (Transport Layer Security) when establishing connections with servers,
which is an open standard that encrypts information as it travels from one device to another.
Encryption prevents eavesdropping and establishes authenticity. If you want to verify a secure connection,
make sure to check for an https at the beginning of a URL or lock icon in your browser bar.