Top Vulnerabilities in Cloud Computing and Security issues
What is Vulnerability?
In cybersecurity, a vulnerability is a weakness which can be exploited by a cyber attack to gain unauthorized access or perform unauthorized actions on a computer system. Vulnerabilities allow attackers to access a system’s memory, inject malware and take away, destroy or modify sensitive data.
Vulnerabilities are often exploited with the assistance of varied methods including SQL injection, buffer overflow, cross-site scripting (XSS) and open-source exploit kits that search for known vulnerabilities and security weaknesses in applications.
Cloud computing vulnerabilities
Virtual Machine Escape: In a virtual environment, the physical servers run multiple virtual machines on top of hypervisors. An attacker gets the access of a hypervisor remotely by using a vulnerability present in the hypervisor itself — such vulnerabilities are rare, but they do exist. Additionally, a virtual machine can move out from the virtualized sandbox environment and gain access to the hypervisor and along with that all the virtual machines running on it.
Reliability and Availability of Service: User always expects their services and applications to always be available when we need them, which is one of the reasons for moving to the cloud. But this isn’t always the case, especially in poor weather with a lot of lightning where power outages are common. The Cloud Service Provider (CSP) have uninterrupted power supplies, but even those can sometimes fail, so we can’t believe in cloud services to be up and running 100% of the time. we’ve to require a touch downtime into consideration, but that’s an equivalent when running our own private cloud.
Data Protection and Portability: When choosing to migrate the cloud service provider for a less expensive one, we’ve to deal with the matter of knowledge movement and deletion. The old Cloud Service Provider has got to delete all the info we stored in its data centre to not leave the info lying around.
Alternatively, the Cloud Service Provider that goes out of the business must provide the info to the purchasers, in order that they can move to an alternate Cloud Service Provider after which the info must be deleted. What if the Cloud Service Provider move out of business without providing the data? In such cases, it’s better to use a widely used Cloud Service Provider which has been around for a short time, but in any case, data backup is still in order.
Secure Data Transmission: When transferring the info from clients to the cloud, the info must be transferred by using an encrypted secure channel like SSL/TLS. This prevents different attacks like Man In The Middle (MITM) attacks, where the info might be stolen by an attacker intercepting our communication.
Denial of Service (DOS): An attacker can raise a denial of service attack against the cloud service to make it inaccessible, therefore disrupting the service. There is a variety of the way an attacker can disrupt the service during a virtualized cloud environment: by using all its CPU, RAM, disc space or network bandwidth.
Account/Service Hijacking: It’s often the case that only a password is required to access our account within the cloud and manipulate the info, which is why the usage of two-factor authentication is preferred. Nevertheless, an attacker gaining access to our account can manipulate and alter the info and thus make the info untrustworthy. An attacker having access to the cloud virtual machine hosting our business website can include a malicious code into the online page to attack users visiting the hosted website. An attacker also can disrupt the service by turning off the online server serving our website, rendering it inaccessible.
Conclusion
When an enterprise company wants to manoeuvre their current operation to the cloud, they ought to remember the cloud threats so as for the move to achieve success. We shouldn’t believe the cloud service provider to require care of security for us; instead of that, we should always understand the safety threats and communicate with our Cloud Service Provider to work out how they’re addressing the safety threats and continue from there.
We should also create remote backups of our data no matter whether the Cloud Service Provider is already providing backup service for us — it’s better to possess multiple data backups than find out the info wasn’t protected in the least when the necessity for data restoration arises.