Can you hack-proof the cloud?

CCTV Handbook 2021 Infrastructure

For someone not working in cybersecurity, the most high-profile case of cloud hacking is, arguably, ‘celebgate’, or the 2014 breach of several device-storage accounts that saw hundreds of personal photos of celebrities stolen and published online. For cybersecurity professionals, though, this represents a minute ingress compared to, say, the infamous 2013 breach compromising as many as one billion user accounts, or the 2019 ‘cloud hopper’ case which saw cyber attackers (allegedly involving state actors) access reams of data including intellectual property from some of the world’s largest companies.

The cost and impact of cybercrime is climbing by around 15% every year, according to a 2020 report in Cybercrime Magazine and is expected to cost $10,5 trillion globally by 2025. This makes cybercrime, they argue, more profitable than the global illegal drug trade.

The real costs are far greater though, both broadly and to individual companies, as these funds represent lost investment and innovation and companies increasingly face stringent fines for personal data losses under regulations such as the General Data Protection Regulation (EU GDPR) and Protection of Personal Information Act (PoPIA).

The human layer

All it takes is a chink in the armour and this can be through human error, misconfiguration, permissions-based or sheer brute force attacks. This is why I liken solid data security strategy to a South African staple – the humble braaied onion.

The outer edge gets the most heat through the tinfoil when you’re cooking it. At the centre is the soft part – valuable data – and you have to have multiple layers of protection around that ‘sweet data’. Hacked or – worse – lost, our data is incredibly valuable. This is why you need prevention tactics and training on human error and how this can be exploited.

User education – training on cyber threats and the kinds of tactics used by bad actors – is a key protection layer and one that is particularly valuable because people are inherently fallible. The users of your systems are vulnerable to phishing, spear-phishing and social-engineering attacks. Even if your security professionals are ‘jaded and grumpy’, the outgoing nature of your sales staff (as just one example), their keenness to establish relationships, to be helpful, has been exploited since time immemorial.

And what about a systems administrator who is having a bad day, who makes a simple error in a moment of distraction? These kinds of lapses are so relatable, but they also render the ‘human layer’ susceptible to breaches.

This is why cloud should be seen as an extension of the systems we have always used. In definitional terms, it is scalable and highly agile, accessible by Internet technologies. There are standards that apply, such as usage per hour, availability and so on. This is why cloud can be a boon to business. But, using cloud shouldn’t make you feel more comfortable than using your own server and network.

Strategies, tactics and responsibility

Another important thing to realise is that ‘shifting to the cloud’ doesn’t absolve you of responsibility for your part in the cybersecurity conversation. Most cloud providers, in fact, work on a shared responsibility model, with customers retaining responsibility – for example – for defining who has access to their cloud environments, delineating roles and, ultimately, ensuring that their data is secure.

Password standards are important, of course, but a password is part of the human layer or interface. So, we must also verify that users are who they appear to be, that they aren’t a stolen identity or the result of shoulder surfing. Role-based access would definitely be a preventative measure, as is two-factor or multi-factor authentication (2FA and MFA). Still, it is important to ensure these avenues of control do not become prohibitively convoluted. They must be relatively intuitive so that users don’t push back or see them as a barrier to getting their work done.

Then, whether it is inside your HQ, or out in the cloud, data is always in one of three states: in use, at rest and in motion. With each of these, there are vulnerabilities that need to be addressed. Here again, taking a layered approach to security is required.

In order to both enable your workforce and protect the organisation, you need to ensure that the right data is given to the right people at the right time – that is data in use. This is where a security framework like ‘zero trust’ can be appropriate as this requires all users, devices, applications and services – internal and external – to be authenticated, authorised and constantly verified.

Other tactics in this layered approach, used in combination or in discrete instances, include perimeter security, intrusion detection and prevention systems (IDS/IPS) that can identify anomalies and sandboxing that enables the identification of threats being seen for the very first time. The key in all of this is having real-time threat intelligence being continually fed into your security infrastructure so that it’s always up-to-date with the latest malware, attack techniques and attacker profiles. An ever-evolving threat landscape can only be addressed with an ever-evolving cyber defence.

Standards in place, and beyond standards

Data at rest includes ‘backup in the cloud’ or storage. Firstly, a backup needs to be a backup, meaning that best practice requires keeping data in multiple places and not just ‘cutting and pasting’ off a machine. Secondly, that cloud storage is only as safe as the policies, protocols and standards that are applied. Correctly configuring access is key. Equally critical is encrypting data at rest.

Too often, he cautions, clients are in a rush to get a system up and running and forget things like consultation with the group risk department who have standards for, for example, encryption. Cloud environments need to be proactively and continuously monitored to identify any data that is not encrypted or may be mistakenly publicly readable.

Finally, there’s data in motion. The encryption you use will be determined by what data is going to be transmitted. Data is very vulnerable when it is in motion. There are hundreds of millions of unencrypted emails flying about every day.

Stratified strategy

The bottom line is that none of the security or encryption tools are completely impenetrable, especially as the technology deployed against them becomes increasingly sophisticated – as we are seeing with the use of quantum computing in this context.

The final layer of the onion, so to speak, is monitoring and the capability of detecting when things aren’t going as expected and then – vitally – the means to automatically act on that info.

This is why artificial intelligence (AI) in security is coming to the fore. AI is being used in determining the behaviour of a bad actor versus a good actor while the data is in use. Our AI systems are diagnosing potential threats and proactively improving security. AI can quickly assess what a user’s previous access encompassed and determine that suddenly the user is asking for information that they have never had before. AI, along with automation, can then proactively work to limit access and tighten the controls in place.

As we increasingly rely on cloud environments and our world becomes ever more digital, all these defences are coming together to ensure that we are the ones left to enjoy the rewards of that sweet data core and not the bad actors.




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

A passport to offline backups
SMART Security Solutions Technews Publishing Editor's Choice Infrastructure Smart Home Automation
SMART Security Solutions tested a 6 TB WD My Passport and found it is much more than simply another portable hard drive when considering the free security software the company includes with the device.

Read more...
Five tech trends shaping business in 2025
Information Security Infrastructure
From runaway IT costs to the urgent need for comprehensive AI strategies that drive sustainable business impact, executives must be prepared to navigate a complex and evolving technology environment to extract maximum value from their investments.

Read more...
Threats, opportunities and the need for post-quantum cryptography
AI & Data Analytics Infrastructure
The opportunities offered by quantum computing are equalled by the threats this advanced computer science introduces. The evolution of quantum computing jeopardises the security of any data available in the digital space.

Read more...
Navigating today’s cloud security challenges
Information Security Infrastructure
While the cloud certainly enables enterprises to quickly adapt to today’s evolving demands, it also introduces unique challenges that security teams must recognise and manage. Vincent Hwang offers insights from the 2025 State of Cloud Security Report.

Read more...
The rise of autonomous data recovery
Information Security Infrastructure
Escalating cyberthreats and attacks constantly put businesses under pressure, increasingly prompting organisations to shift their mindsets towards ensuring continuous operations and thus avoiding downtime and revenue loss.

Read more...
Can we really fight AI cybersecurity threats with more AI?
Information Security Infrastructure
In a world where artificial intelligence (AI) is increasingly being weaponised by cybercriminals, the question of whether we can effectively combat AI threats with more AI is not just a technical inquiry but a pressing global concern

Read more...
Partnership delivers 40% storage savings for surveillance
Surveillance Infrastructure
Large-scale video surveillance users and applications demanding extended storage periods will benefit from up to 40% savings on video storage hardware stacks thanks to a new partnership between IDIS and Secure Logiq.

Read more...
How smart video is transforming storage at the edge
Infrastructure Surveillance
As these technologies come together, they are impacting the architecture of the edge and what we require from data storage. More specifically, they are driving a demand for specialised storage.

Read more...
VPS hosting set to dominate in 2025
Infrastructure
SME market growth and the increasing need for a digital footprint are pushing VPS growth in South Africa, especially since it is now perceived as a viable business tool, scalable by nature, with improved performance.

Read more...
Threats, opportunities and the need for post-quantum cryptography
AI & Data Analytics Infrastructure
The opportunities offered by quantum computing are equalled by the threats this advanced computer science introduces. The evolution of quantum computing jeopardises the security of any data available in the digital space.

Read more...