Abuse And Nefarious Use Of Cloud Computing

Published Date: 02 Nov 2017

The cloud computing is based on VM technology. For implementation of cloud, a hypervisor such as VMWare vSphere, Microsoft Virtual PC, Xen etc. are used. This threat arises because of the vulnerabilities appearing in these hypervisors due to some facts being overlooked by developers during the coding of these hypervisors.

Mitigation

The threat arising due to VM-Level vulnerabilities can be mitigated by monitoring through IDS (Instruction Detection System)/IPS (Intrusion Prevention System) and by implementing firewall.

B. Abuse and Nefarious use of cloud computing

This threat arises due to relatively weak registration systems present in the cloud computing environment. In cloud computing registration process, anyone having a valid credit card can register and use the service. This facilitates anonymity, due to which spammer, malicious code authors and criminals can attack the system.

Mitigation

This type of threat can be mitigated in following ways:

􀂃 By implementing stricter registration process and validation process.

􀂃 By credit card fraud monitoring and coordination.

􀂃 Detailed introspection of user’s network traffic.

􀂃 Network blocks through monitoring public black lists.

C. Loss of governance

The client gives up control to the cloud provider on a number of issues while using the cloud infrastructure. The service Level Agreements (SLA) may not have commitment on the part of cloud provider, to provide such services, thus having a gap in security defenses affecting security. This loss of control may lead to a lack of confidentiality, integrity and availability

of data.

Mitigation

There are no publicly available standards specific to cloud computing security. Thus organizations considering cloud services, need to exercise persistent and careful efforts for the

execution of Service Level Agreements (SLA).

D. Lock-IN

Lock-IN means inability of the customer to migrate from one cloud service provider to another .This is due to loss of portability of the customer data and programs. Presently, there are few tools, procedures or standard data formats which provide data, application or service portability. This prevents customers or organisations from adopting cloud computing.

Mitigation

Standardized cloud Application Programming Interface (API)should be used. This standardization will ensure cloud computing to be more fully accepted.

E. Insecure Interfaces and APIs

Customers use a set of software Interfaces or APIs to interact with cloud services. The provisioning, management, orchestration and monitoring of the cloud service are generally

done using these interfaces .If the weak set of interfaces and APIs are used, this may expose organizations to various security threats, such as anonymous access, reusable tokens or

password, clear-text authentication or transmission of content, inflexible access controls or improper authorizations, limited monitoring, and logging capabilities.

Mitigation

To mitigate the above threats, the security model of cloud provider interfaces should be analyzed. Strong authentication and access controls should be implemented. Encryption should

be used for transmission of content and, dependency chain associated with the API should be clearly understood.

F. Isolation Failure

The services are delivered in cloud computing by sharing infrastructure .The components that are used to build Disk partitions, CPU cache, graphics processing units etc are not

designed to offer strong isolation properties or compartmentalization. The hypervisors, that are basic building blocks for cloud computing, have exhibited flaws that enable guest operating system to gain unauthorized control .Due to this isolation failure, the attackers focus on to impact the operations of other cloud customers to gain unauthorized access to data.

Mitigation

Strong compartmentalization should be employed so that the individual customers do not impact the operations of other customers .This can be enforced by implementing best practices for installation, configuration, monitoring environment for unauthorized changes/activities, promoting strong authentication and access control, patching the vulnerabilities and conducting vulnerability scanning and configuration audits.

G. Data loss or leakage

Data loss or leakages have an adverse effect on the business. The brand or reputation is completely lost and the customers’ morale and trust are eroded. This data loss or leakage may be

due to insufficient authentication, authorization and audit controls, inconsistent use of encryption and software keys, disposal challenges, a data center reliability, and disaster recovery.

Mitigation

The threats arising due to data loss or leakage can be mitigated by encrypting and protecting integrity of data in transit, analyzing data protection at both design and runtime,implementing strong key generation, storage and management. Contractually demanding provider to wipe persistent media before it is released in to pool and contractually specifying provider backup and retention strategies.

H. Account or service Hijacking

The above threat occurs due to phishing, fraud and software vulnerabilities .Attackers can steal credentials and gain access to critical areas of deployed cloud computing services, resulting in compromise of the confidentiality, integrity and availability of these services.

Mitigation

To mitigate the above threats, sharing of account credentials between users and services should not be allowed, multi-factor authentication techniques should be used wherever possible,

strict monitoring should be done to detect unauthorized activity, and security policies, as well as SLAs of the cloud provider, should be clearly understood.

I. Management Interface Compromise

The customer management interface of the cloud provider is accessible through the internet .In cloud computing, larger set of resources are accessed through these interfaces than traditional hosting, since cloud computing provides remote access to customers through these management interfaces. This may pose a serious threat if web browser vulnerabilities are present.

Mitigation

To mitigate threats arising due to remote access, secure protocol should be used to provide access. Also, web browser vulnerabilities should be completely patched before providing remote access.

J. Compliance Risks

This threat arises due to lack of governance over audits and industry standard assessments. Due to this, customers of cloud services do not have a view into the processes, procedures and

practices of the provider in the areas of access, identity management and segregation of duties. Organisations that seek to obtain certification, may be put at risk because cloud computing service providers may not be able to provide evidence of their own compliance with the necessary requirements or may not permit an audit by cloud customer.

Mitigation

Vendors’ internal audit process should be reviewed. How often it is audited by external agencies and, whether or not, it is open to being audited for compliance.

K. Malicious Insiders

This threat is well known to most organizations .Malicious insiders’ impact on organization is considerable. Given their level of access, they can infiltrate organizations and assets and do brand damage, financial losses and productivity losses. Therefore, it is critical for customers of cloud services as to what controls have been provided by cloud providers to detect

and defend against the malicious insider threats.

Mitigation

The Malicious insider threats can be mitigated by specifying human resources requirements as part of legal contracts, conducting a comprehensive supplier assessment, providing

transparency into overall information security and management practices, as well as compliance reporting and determining security breach notification processes.