Cyber Security in Cloud Computing – Attackers & Threats
Cyberworld is our own cyber place which seems to be restricted to a corner in a room where you have placed your computer. But if you are connected to the internet, this place is no more a corner of the room. It becomes your actual cyber world where you can connect to the people living away from you. As the internet is commonly used nowadays, people interact with others for different purposes. This interaction does not restrict itself to the people only but it involves machines, bots, and systems placed away from their place but part of their cyber world.
Cloud computing is getting popular these days. No matter who you are, but you are a user of cloud computing application. If you are using windows, you will be using OneDrive. If you are using Google services and own a Gmail account, you must be a user of Google Drive. Similarly, there are a lot of applications, some of them are specific like Polaris Office and some are for generic files like Dropbox. Cloud computing has resolved a lot of problems. The people can store their data on clouds. Enterprises and companies prefer to store data in clouds rather than a single computer because most of the cloud providers and database as a service providers keep the backup of data.
Cloud technology is cheap as compared to buying your own devices. It is better to rent a cloud with scalable RAM, CPU & memory in $5 per month instead of buying hardware equipment, supplying electricity and network 24 hours and maintain the temperature of the room. So, due to ease of use and cheap, the use of cloud computing is increasing day by day.
When you are connected to the internet, you interact with the systems along with the people. The attacker can be a system, bot, software or any person. Of course, it is convenient to use clouds but it increases the risk and threatens the privacy of the user. What if someone hacks the cloud and steal your personal or business data?
You may not care about the wallpapers but what about the personal photos? What if the secrets of your company are exposed? Hence, getting help from vCISO is very important for everyone who is connected to the internet. Threats don’t involve only the attack on your computer, but they also involve the attacks on your privacy, personal information, business data, cloud computers, servers etc.
Threats:
Either you are using a cloud or have deployed your own server, you are exposed to cyber threats. These threats can be natural causes like what if the building explodes where the servers have been placed or the fire burns the servers? Similarly, threats can be a human who is trying to launch an attack like DDos on your servers. It can be a virus which replicates itself to ruin your system. It can be any malware.
A human cause does not involve an intentional attack on a system, even sometimes, a user could do something in an unexpected way which may result in something bad. However, the companies which provide clouds have employed maximum security precautions on their end. But what if you have not secured your VPS, in that case, the threat exists due to your behavior. The SaaS platform for cloud security is adopted by many companies.
Some of the attacks are directed in which the attacker attacks on specific computers and some are random attacks where the attacker attacks any computer. In short, threats can be targeted or random. Threats can be exploited for any purpose. You can check out SOC monitoring by Nettitude to learn more what cyber security operations centers do to combat cyberattacks.
You may also be interested in Computer Security Threats & Vulnerabilities – Hardware & Software
Who are attackers?
An attacker is one who attacks your system sometimes to achieve a goal or sometimes just for fun. Most of the attackers have motivation for attempting criminal act but some of them do just for fun. There are some attackers who know how to make applications to launch an attack but most of the attackers are script kiddies. Script kiddies are those who use the software developed by defense departments or cybersecurity agencies. They don’t have much knowledge about vulnerabilities but they use developed exploits which automatically attack and give the results.
You might be interested in Vulnerability Threat Control Paradigm and CIA Triads
Whenever a big attack is launched, the attacker adopts a new way. Therefore, you can’t figure out a generic solution to defend your systems. If you watch a Hollywood movie or Bollywood movie, you will think it is a joke to attack a system. An actor simply sits on a laptop, type some commands and its done. However, in real life, an attacker spends a lot of time in designing an attack. There is work of many days and sleepless nights to achieve something.
It is not necessary for an attacker to have a strange look like wearing an anonymous hoddie. An attacker can be in dress, businessman, computer scientist or anyone with expertise in the computer. He can also be a script kiddie. It is not possible to figure out an attacker by just his look. However, techniques like computer forensics and profiling are helping in figuring out the criminal from the selected group of doubtful people. The purpose of attack may include revenge or challenge.
Attackers can be an organized group of criminals, terrorists or an individual. There is always a motive, opportunity and method. In methods, the skills and available tools are measured, motive can be a challenge, fun, revenge or something like this and opportunity is the vulnerability in a system.
A vulnerability is a weakness in a system that can be exploited. Hence, from the above discussion, it is very clear that we can’t stop using the emerging technologies due to their vast advantages, however, it is necessary to take security measures before uploading your data on clouds. That’s all folks…!!! Leave your suggestions and opinions in comments.