Monday, October 5, 2020

How Cloud Service Misconfigurations Become Cyber Risk to Organizations

Bestselling cybersecurity author Sai Huda is alerting businesses to misconfigurations in the cloud. Huda is the author of the best-seller Next Level Cybersecurity: Detect the Signals, Stop the Hack, and former GM, Risk Information Security and Compliance Solutions at FIS, a Fortune 500 company. Under his leadership, FIS attained the number 1 ranking in RiskTech100.


When organizations shift their operations wholly or partly to the cloud, they receive out-of-the-box configurations for the various systems that cloud service providers give their clients. However, it is the business, not the cloud service provider, that is responsible for reviewing these out-of-the-box configurations and making proper adjustments. Once in the cloud, the business has to complete all necessary configurations to adequately safeguard its data.

If there is a misconfiguration, a malicious attacker can exploit it to access valuable customer data. Common cloud misconfigurations include unrestricted inbound and outbound access, unrestricted metadata service requests, and passive monitoring of keys and tokens.

Recently, for example, an organization reported the theft of data belonging to over 100 million customers. A former employee of the cloud service provider that the company used identified a misconfiguration in the company's web application firewall and used it to break into the company's cloud system. Once inside, the attacker queried a metadata system to obtain access keys and tokens and used these to collect the data of millions of customers.

Businesses operating through the cloud should make cloud configurations and regular testing of configurations a top priority to avoid creating a back door for cyber attackers to exploit.
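
As an added illustration of regular configuration testing (not code from the article or from Huda's book), the Python sketch below audits a constructed inventory for the three misconfigurations named above. The inventory schema, its field names (metadata_token_required, usage_alerting) and the PUBLIC_PORTS allowance are assumptions made for the example; a real audit would read the same facts from the provider's own configuration export.

```python
import ipaddress

# Constructed inventory in a hypothetical, provider-neutral schema.
INVENTORY = {
    "firewall_rules": [
        {"id": "fw-web", "direction": "inbound", "cidr": "0.0.0.0/0", "port": 443},
        {"id": "fw-admin", "direction": "inbound", "cidr": "0.0.0.0/0", "port": 22},
        {"id": "fw-db", "direction": "inbound", "cidr": "10.0.2.0/24", "port": 5432},
        {"id": "fw-egress", "direction": "outbound", "cidr": "::/0", "port": None},
    ],
    "instances": [
        {"id": "vm-waf", "metadata_token_required": False},
        {"id": "vm-app", "metadata_token_required": True},
    ],
    "access_keys": [
        {"id": "key-backup", "usage_alerting": False},
        {"id": "key-deploy", "usage_alerting": True},
    ],
}

PUBLIC_PORTS = {80, 443}  # assumption: ports meant to face the internet


def is_unrestricted(cidr):
    """True when the CIDR covers every address (prefix length 0), IPv4 or IPv6."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0


def audit(inventory):
    """Return (resource id, issue) pairs for the three misconfiguration classes."""
    findings = []
    for rule in inventory["firewall_rules"]:
        if not is_unrestricted(rule["cidr"]):
            continue
        if rule["direction"] == "inbound" and rule["port"] in PUBLIC_PORTS:
            continue  # deliberately public service, not a finding
        findings.append((rule["id"], f"unrestricted {rule['direction']} access"))
    for vm in inventory["instances"]:
        if not vm["metadata_token_required"]:
            findings.append((vm["id"], "unrestricted metadata service requests"))
    for key in inventory["access_keys"]:
        if not key["usage_alerting"]:
            findings.append((key["id"], "key usage not actively monitored"))
    return findings


if __name__ == "__main__":
    for resource, issue in audit(INVENTORY):
        print(f"{resource}: {issue}")
```

Run on a schedule against a fresh export, a non-empty result is the signal that a configuration has drifted from what was reviewed.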